Hi Eddy,
From what I've gathered here and there, it seems that "globalvar"
declares what would be the equivalent of a session variable. So, I'm
thinking of using it as follows for authentication.
a globalvar is the same as an input, output and datalink for all the
elements inside the scope of the globalvar declaration. It however
doesn't correspond to a session variable, since it is not stored
independently from the state transitions of you web application.
RIFE has a special approach towards sessions and we don't think that
the traditional way of handling them is a good way. You can read more
about this here:
http://rifers.org/wiki/display/RIFE/Acceptable+session+support
Is this a good way of handling authentication? Or should I be using
inheritance? If the latter, how do I proceed? I have some difficulty
I encourage you to use behavioral inheritance since you get a lot of
benefits from it, together with a simple way to declare cross-concern
logic in an AOP-like fashion. More information about the benefits here:
http://rifers.org/blogs/gbevin/2005/3/15/session_timeout_solution
understanding the examples for authentication as those seem memory- or
database-centric and not applicable for a customised authentication
mechanism.
Actually, the authentication has been designed to be fully
customizable and it is done so in several layers.
If you look at the DatabaseAuthenticated element (https://
svn.rifers.org/rife/trunk/src/framework/com/uwyn/rife/authentication/
elements/DatabaseAuthenticated.java) and its deployer (https://
svn.rifers.org/rife/trunk/src/framework/com/uwyn/rife/authentication/
elements/DatabaseAuthenticatedDeployer.java), you'll see that most of
the authentication logic actually sits in the Autheticated element
(https://svn.rifers.org/rife/trunk/src/framework/com/uwyn/rife/
authentication/elements/Authenticated.java) and that the database
variant merely sets up the required managers.
To implement your own authentication scheme, I suggest that you start
with reading the javadocs of the SessionValidator class (http://
rifers.org/docs/api/com/uwyn/rife/authentication/
SessionValidator.html). This class collaborates with SessionManager,
RememberManager and CredentialsManager classes, and RIFE provides a
collection of standard implementations for these that are the ones
you use in the usersguide.
I hope this gives you some pointers to work from.
Best regards,
Geert
--
Geert Bevin Uwyn bvba
"Use what you need" Avenue de Scailmont 34
http://www.uwyn.com 7170 Manage, Belgium
gbevin[remove] at uwyn dot com Tel +32 64 84 80 03
PGP Fingerprint : 4E21 6399 CD9E A384 6619 719A C8F4 D40D 309F D6A9
Public PGP key : available at servers pgp.mit.edu, wwwkeys.pgp.net
_______________________________________________
Rife-users mailing list
[email protected]
http://www.uwyn.com/mailman/listinfo/rife-users
