...only a short remark: that would also ease the task to enable Win NT authentication. (because NT auth is then just a matter of container configuration). AFAIK there recipes already how to make it work on Tomcat.
However we should look what this means for the task of role management. Kind regards, Daniel 8. Jan 2010 1:33 nachm. schrieb am "Richard Hirsch" <[email protected]>: Been thinking a lot about container based authentication - primarily, because of my interest in the CAS integration which is necessary for an OFBiz integration (search for OFBizCasAuthenticationHandler.java class for details) Here a few thoughts. in J2EE, the way to get the user is via the following code: java.security.Principal principal = request.getUserPrincipal(); if(principal != null) { String username = principal.getName(); // usw. usf. } If we used the UserPwdAuthModule in UserAuth.scala as a basis, we could use the following code combined with the code above to get the user: user <- UserAuth.find(By(UserAuth.authKey, name), By(UserAuth.authType, moduleName)).flatMap(_.user.obj) or User.find(By(User.nickname, name)) We could take use the S object in lift to get the request and then get the UserPrincipal. Probably with "S.request" The only I don't know is how to make this Container-based authmodule be the default that works without a UI that implicitly calls it. One idea is to remove the following lines from Boot.scala UserAuth.register(UserPwdAuthModule) UserAuth.register(OpenIDAuthModule) and replace them with UserAuth.register(ContaionerAuthModule) Anyone have any ideas / thoughts? D.
