Hi,
I was thinking of
using the pluggable security architecture of MMBase to implement a custom
authentication/authorization scheme. I have several users that login
via an external application. This application adds headers to the
request to confirm that the user was correctly authenticated (e.g.
groups=editor,sr_editor,admin).
I would like to use
this header information in the login method of my own implementation of
org.mmbase.security.Authentication. I thought to use the 'parameters' parameter
for this. However, there is no simple way of providing parameters to the login
method. The login method is used in the constructor of BasicCloud,
where this parameter is set to null. The BasicCloud constructor is called from
BasicCloudContext.getCloud, which is again called from several
places.
Overriding all this
code is not really an option but I would still like to use some extra
information to determine whether a user is allowed to login. How is this best
done?
Thanks in
advance,
Ronald
Wildenberg.
-----------------------Disclaimer-------------------------
Dit bericht (met bijlagen) is met grote zorgvuldigheid samengesteld. Voor mogelijke onjuistheid en/of onvolledigheid van de hierin verstrekte informatie kan Kennisnet geen aansprakelijkheid aanvaarden, evenmin kunnen aan de inhoud van dit bericht (met bijlagen) rechten worden ontleend. De inhoud van dit bericht (met bijlagen) kan vertrouwelijke informatie bevatten en is uitsluitend bestemd voor de geadresseerde van dit bericht. Indien u niet de beoogde ontvanger van dit bericht bent, verzoekt Kennisnet u dit bericht te verwijderen, eventuele bijlagen niet te openen en wijst Kennisnet u op de onrechtmatigheid van het gebruiken, kopiëren of verspreiden van de inhoud van dit bericht (met bijlagen).
This message (with attachments) is given in good faith. Kennisnet cannot assume any responsibility for the accuracy or reliability of the information contained in this message (with attachments), nor shall the information be construed as constituting any obligation on the part of Kennisnet. The information contained in this message (with attachments) may be confidential or privileged and is only intended for the use of the named addressee. If you are not the intended recipient, you are requested by Kennisnet to delete this message (with attachments) without opening it and you are notified by Kennisnet that any disclosure, copying or distribution of the information contained in this message (with attachments) is strictly prohibited and unlawful.
----------------------------------------------------------
