Played further with the Container-based AuthModule and got a little
farther. Can't compile the code based on my limited Scala knowledge
but I hope you see what I'm trying to achieve.
You'll notice that I left the ModuleName with "upw". I've done this,
because I'd assume that the api2 could be used to create the users. A
moduleName with "container" wouldn't make much sense.
I also don't know what do do with "case Req("authentication" ::
"login" :: Nil, _, PostRequest) =>", because it refers to a specific
login page which we won't have if had container-based authentication.
Maybe someon can give me a tip where my Scala mistakes are....
object ContainerAuthModule extends AuthModule {
def moduleName: String = "upw"
def performInit(): Unit = {
LiftRules.dispatch.append {
case Req("authentication" :: "login" :: Nil, _, PostRequest) =>
val from = S.referer openOr "/"
(for {
java.security.Principal principal = S.Request.getUserPrincipal();
if(principal != null) {
String username = principal.getName();
user <- UserAuth.find(By(UserAuth.authKey, username),
By(UserAuth.authType,
moduleName)).flatMap(_.user.obj) or
User.find(By(User.nickname, username))
userAuth <- UserAuth.find(By(UserAuth.user,
username), By(UserAuth.authType, moduleName))
}
if true
} yield user) match {
case Full(user) =>
User.logUserIn(user)
S.notice(S.?("base_user_msg_welcome", user.niceName))
case _ =>
S.error(S.?("base_user_err_unknown_creds"))
}
S.redirectTo(from)
}
}
On Fri, Jan 8, 2010 at 4:12 PM, Richard Hirsch <[email protected]> wrote:
> On Fri, Jan 8, 2010 at 3:38 PM, Daniel Koller <[email protected]> wrote:
>> ...only a short remark: that would also ease the task to enable Win NT
>> authentication. (because NT auth is then just a matter of container
>> configuration).
>> AFAIK there recipes already how to make it work on Tomcat.
>>
>> However we should look what this means for the task of role management.
>
> We are waiting for LDAP to come to Lift before moving more in this
> direction. But you might also want to take a look at Ethan's work
> regarding the admin role. In the threads discussing his work, we also
> talked about groups / roles...
>>
>> Kind regards,
>>
>> Daniel
>>
>> 8. Jan 2010 1:33 nachm. schrieb am "Richard Hirsch" <[email protected]>:
>>
>> Been thinking a lot about container based authentication - primarily,
>> because of my interest in the CAS integration which is necessary for
>> an OFBiz integration (search for OFBizCasAuthenticationHandler.java
>> class for details)
>>
>> Here a few thoughts.
>>
>> in J2EE, the way to get the user is via the following code:
>>
>> java.security.Principal principal = request.getUserPrincipal();
>> if(principal != null) {
>> String username = principal.getName();
>> // usw. usf.
>> }
>>
>> If we used the UserPwdAuthModule in UserAuth.scala as a basis, we
>> could use the following code combined with the code above to get the
>> user:
>>
>> user <- UserAuth.find(By(UserAuth.authKey, name),
>> By(UserAuth.authType,
>> moduleName)).flatMap(_.user.obj) or
>> User.find(By(User.nickname, name))
>>
>> We could take use the S object in lift to get the request and then get
>> the UserPrincipal. Probably with "S.request"
>>
>> The only I don't know is how to make this Container-based authmodule
>> be the default that works without a UI that implicitly calls it.
>>
>> One idea is to remove the following lines from Boot.scala
>> UserAuth.register(UserPwdAuthModule)
>> UserAuth.register(OpenIDAuthModule)
>>
>> and replace them with
>> UserAuth.register(ContaionerAuthModule)
>>
>>
>> Anyone have any ideas / thoughts?
>>
>> D.
>>
>
