Hi all, (2 minutes ago Geert posted some more info, I'll read it later, first I will do some code cleanup here..)
I'm happy to say that today I solved my Problem, regarding the User authentication. Yesterday, I did some searching in the mailing list Archive and in the wiki, then I had a good nights sleep to ponder my problems :-) This Morning I started from scratch, and modelled my solution after the HTTPAuth example (http://rifers.org/wiki/display/RIFE/HTTP+authentication) Here is a quick rundown of what I did, - definend my own Element in auth.xml as MyTestAuth - set childtrigger to "authid" - added a submission "user_data" - bean "user" class="MyTestUserbean" - set an ADMIN site to inherrit AUTH (from auth.xml) - added a global var "authid" - added an Element LOGOUT with implementation MyLogOut So far for the configuration. I first implemented the "MyTestAuth extends Element implements implements ChildTrigger" Class. (I found out about the ChildTrigger Interface later, because of the very helpfull and very good Exceptionreporting in Rife) Here I overode the processElement() method to do the following: - getNamedSubmissionBean - if not validate() show form again.. - if validate() create a RoleUser object from the Info - get SessionManager, sessionValidator just like in the HttpAuth example - create a MemoryUsers instance as "new MyTestMemoryUsers extends MemoryUsers" - in MyTestMemoryUsers I overrode public long verifyCredentials() to use my own specific backend-calls and validation of user info - if the userdate is correct it returns the ID (long) of the user - else -1 - like in the Httpauth example: credentials_manager.verifyCredentials() gives my out userID - then "String sessionString = session_manager.startSession(userid,getRemoteAddr(), false) " returns the string for authid, wich is set with setOutput - then call child() and it works :-) (allmost) Only thing left to do is to implement: - public boolean childTriggered(String name, String[] values) - All it does is: session_manager.continuesession(authID), if it fails, return false, else return true. For MyTestLogout I did the following in processElement() - session_manager.eraseSession(authID); - then an "clearOutput("authid");" Well this is how far i am at the moment, things work so far, but a few questios remain: (1) Is it correct to implement my own Object like this? (2) in the application, if I click on the ADMIN link, I get redirected to the login form, Sofar so good. But then, if I click HOME (in the menu, it as a global exit) I get an extrodinary long url: http://localhost:8080/admin/StartAdmin?childrequest=bWFudWFsOlN0YXJ0QWRtaW54 AEdFVG0A&triggerlist=AQAAAAIAAABhdXRoLnhtbGQAaG9tZWQAZABkAA%3D%3D Normaly HOME points to "/", but here I seem to be trapped inside the ADMIN sub site. If anybody can answer these questions for me i would be gratefull. If you are interessted I can also provide som esourcecode, or even make a wiki entry. The case handling "sessions /authentication" with external UserInfo is not documented in the wike AFAIK. Mit freundlichen Grüßen / With kind regards Huibert Gill > -----Ursprüngliche Nachricht----- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Im Auftrag von henk > Gesendet: Dienstag, 25. Juli 2006 15:22 > An: RIFE users list : questions,bug reports and suggestions. > Betreff: Re: [Rife-users] Can't get "flexible authentication" to work > > Hi, > > I too am very new to Rife, but do you have a call to > 'child()' in your > code in order to propagate the request to the child ? > > Henk > > Gill Huibert wrote: > > Hi , > > > > Since last week I've been evaluating Rife for use in my > next project. > > So far I'm very exited about the features Rife offers. > > I have tried the examples, and understood them so far (I think) > > > > Now it's time to try the first steps for my own project with Rife. > > > > First thing I wanted to try out was the abbility to > authenticate a User. > > We have a custom class which wrapps all userinfo for all of our > > webapplications. > > I can fetch an user class instance from a service for a > givven username. > > > > In the cookbook I read about the flexible authentication. > > (http://rifers.org/wiki/display/RIFE/Flexible+authentication) > > > > So I implemented my own class which implements the > RolesuerCredentials > > interface. > > (my auth element extends rife/authenticated/memory.xml, and > a property > > "credentials_class" points to my class) > > Here I wrote a lengthy validate() Method, which fetches a > user, and compared > > passwords. > > (it was just a mockup or prrof of concept, nothing fancy) > > The validate() method returns false for wrong password, and true if > > everything is correct. > > > > This works, in so far that my codes gets called, and the > username/password > > is evaluated, and the correct boolean values are returned. > > But regardless if I type in the correct username/password, > or if I give a > > wrong login, > > I get redirected back to the login form... > > > > Is there something I'm missing? (there obviously is :-) > > Or am I completly onto the wrong track? > > > > Any help would be apriciated. > \ / > - marsman > > contact me : henk at marsman-it.be > _______________________________________________ > Rife-users mailing list > [email protected] > http://lists.uwyn.com/mailman/listinfo/rife-users > _______________________________________________ Rife-users mailing list [email protected] http://lists.uwyn.com/mailman/listinfo/rife-users
