Basically here's what I want to accomplish: 1. I want the user to login through a simple form on /index.html - this is the only unprotected page on the site. User does not have a user name, the only field is a password. 2. I want to store the user role (along with some other state data) in the user session 3. If user tries to access any page other than index.html, I want to redirect to /index.html
After stumbling for a while due to scarcity of documentation, I have done the following: In Boot.scala: LiftRules.httpAuthProtectedResource.prepend { case ParsePath("index" :: Nil, "html", true, false) => Empty case _ => Full(AuthRole("admin")) } LiftRules.authentication = SessionAuthentication() InSessionAuthentication.scala: case class SessionAuthentication extends HttpAuthentication { def verified_? = { case(req) => { // TODO: Prefetch from DB here true } } } It is my understanding that this should not ask for auth at all. In reality, it doesn't ask for auth on /index.html, but DOES ask for Basic auth (through a browser popup) on any other page. What am I doing wrong, and how do I make it right? -- You received this message because you are subscribed to the Google Groups "Lift" group. To post to this group, send email to lift...@googlegroups.com. To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/liftweb?hl=en.