Hi KD,
The Restlet Security schema is highly extensible and very adaptive. Kudos to
the team. You can easily write your own authentication scheme.
We have a 'Component' which has several 'Applications' in it. We needed custom
authentication and authorization for one of these applications. This is how we
did it.
They key was to write a custom 'Guard' with a custom 'Authorizer' and
'Authenticator'. We have a basic guard protecting all our other applications.
We wrote a custom one for enhanced security.
Some of the code below (we aren't open source, so cant attach the actual code)
Do let me know if you need further help with this. Will try to send you a small
demo app.
You can also refer to the tests in the restlet distribution. They are very
helpful as well.
Thanks!
Nirav
/********* Custom Guard *********************/
protected ChallengeAuthenticator cieGuard(CieApplication app, Context ctx){
CieChallengeAuthenticator guard = new CieChallengeAuthenticator(ctx,
ChallengeScheme.HTTP_BASIC, "CIE2.0");
CieAuthorizer roleAuthorizer =
ServiceLoaderHelper.getInstance(CieAuthorizer.class);
guard.setNext(roleAuthorizer);
roleAuthorizer.setNext(app);
return guard;
}
/**************Custom Authenticator*************/
public class CieChallengeAuthenticator extends ChallengeAuthenticator {
public CieChallengeAuthenticator(Context context,
ChallengeScheme challengeScheme, String realm) {
super(context, challengeScheme, realm);
}
@Override
protected boolean authenticate(Request request, Response response) {
//put all your custom authentication logic here
}
}
/*******************Custom Authorizer****************************/
public class CieAuthorizer extends RoleAuthorizer {
public CieAuthorizer() {
super();
}
@Override
public boolean authorize(Request request, Response response) {
//put all your custom authorization logic here
}
------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2432323
