I need to have this code set cookies, for compatibility
with other code, and I see that the relevant code is in
com.uwyn.rife.authentication.elements.Authenticated.startNewSession().
I wonder if it might make sense to have HttpAuthentication
_extend_ Authenticated, or perhaps even RoleUserAuthenticated ?
Perhaps not ... The code as-is is a good example of how
to write your own standalone authentication element  :)

I wouldn't extend that element since its purpose is fundamentally different. Of course, if you prefer to do so, go ahead. I'm not sure though that a cookie can be sent together with the HTTP authentication header.

Also, I would like HttpAuthentication to accept a _set_ of
roles, so that a user could log in who has _any_ of these
roles, and then an exit is selected based on the role.
Like so:

        [ sitemap ]
        <element id="HTTPAUTH" implementation="wa.authent.HttpAuthent">
           <property name="role">role1 role2 role3</property>
        </element>

        [ HttpAuthentication ]
        if (theRole.equals ("role1")) redirect ("/foo/menu");
        if (theRole.equals ("role2")) redirect ("/bar/menu");
        if (theRole.equals ("role3")) redirect ("/byob/menu");

That would work.

I guess then that code for credentials validation could be
modified to try each username+password+role combination,
until one succeeds:

        SessionManager  sessionMgr = MemorySessionsFactory.getInstance();
        SessionValidator validator = new MemorySessionValidator();
        MemoryUsers credentialsMgr = MemoryUsers.getRepInstance();
        validator.setCredentialsManager(credentialsMgr);
        validator.setSessionManager(sessionMgr);
        validator.setRememberManager(null);

        String username = cred_arr[0];
        String password = cred_arr[1];
        List<String> roles = StringUtils.unpack(getPropertyString("role"));
        for (String role : roles) {
            RoleUser credentials = new RoleUser(username, password, role);
            if (credentials.validate()) {
                // succeeded; select appropriate exit
                [..]

and that also ;-)

--
Geert Bevin                       Uwyn bvba
"Use what you need"               Avenue de Scailmont 34
http://www.uwyn.com               7170 Manage, Belgium
gbevin[remove] at uwyn dot com    Tel +32 64 84 80 03

PGP Fingerprint : 4E21 6399 CD9E A384 6619  719A C8F4 D40D 309F D6A9
Public PGP key  : available at servers pgp.mit.edu, wwwkeys.pgp.net
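
An added example, not code from this thread or from RIFE: plain Java (16+, no RIFE classes) sketching the role-set idea discussed above. It decodes the Basic header, checks the password once, then picks the exit for the first accepted role the user holds. The class, method and user names are hypothetical and the user table is constructed; the role property format and exit paths are the ones in the message.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.*;
public class RoleSetBasicAuth {
    // Hypothetical names, constructed sample users; a real store would hold salted password hashes.
    record User(String password, Set<String> roles) {}
    static final Map<String, User> USERS = Map.of(
        "alice", new User("s3cret", Set.of("role2")),
        "bob", new User("hunter2", Set.of("role4")));

    // Role -> exit, in priority order (paths from the message above).
    static final Map<String, String> EXITS = new LinkedHashMap<>();
    static {
        EXITS.put("role1", "/foo/menu");
        EXITS.put("role2", "/bar/menu");
        EXITS.put("role3", "/byob/menu");
    }

    /** Exit for the first accepted role the user holds; empty means deny. */
    static Optional<String> selectExit(String header, String roleProperty) {
        if (header == null || !header.regionMatches(true, 0, "Basic ", 0, 6)) return Optional.empty();
        String decoded;
        try {
            byte[] raw = Base64.getDecoder().decode(header.substring(6).trim());
            decoded = new String(raw, StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            return Optional.empty(); // malformed base64
        }
        int colon = decoded.indexOf(':'); // split on the first colon: passwords may contain ':'
        if (colon < 0) return Optional.empty();
        User user = USERS.get(decoded.substring(0, colon));
        byte[] supplied = decoded.substring(colon + 1).getBytes(StandardCharsets.UTF_8);
        byte[] expected = (user == null ? "" : user.password()).getBytes(StandardCharsets.UTF_8);
        // Verify the password once, with a constant-time compare, before looking at roles.
        if (user == null || !MessageDigest.isEqual(supplied, expected)) return Optional.empty();
        Set<String> accepted = new HashSet<>(Arrays.asList(roleProperty.trim().split("\\s+")));
        for (Map.Entry<String, String> exit : EXITS.entrySet()) {
            if (accepted.contains(exit.getKey()) && user.roles().contains(exit.getKey())) return Optional.of(exit.getValue());
        }
        return Optional.empty(); // valid login, but none of the accepted roles
    }
    static String basic(String u, String p) {
        return "Basic " + Base64.getEncoder().encodeToString((u + ":" + p).getBytes(StandardCharsets.UTF_8));
    }
    public static void main(String[] args) {
        String prop = "role1 role2 role3"; // same format as the sitemap property above
        for (String h : List.of(basic("alice", "s3cret"), basic("alice", "wrong"), basic("bob", "hunter2")))
            System.out.println(selectExit(h, prop));
    }
}
```

A caller would answer an empty result with a 401 challenge (or a 403 when the password was valid but no accepted role matched) rather than falling through to a default exit.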

