Hi David,
the problem with authentication is that it's a feature that's always
more difficult than people think it should be. Just look at which
other frameworks try to provide a solution for this, there's only Acegi.
It's always a two fold approach, you need to create the structure for
the credentials/authentication token storage and you need to setup
the authentication itself. I think that the current RIFE process is
already very streamlined, you just need to plug in the required
players at the right location. However, doing that requires you to
know a bit more about RIFE that just the constraints or crud (like
participants). I think this is justified given the nature of the
problem. Using meta data for the account structure feels to me like
making it more complex than it should be.
Anyway, I added an example of database authentication to the
jumpstart I hope that this clarifies everything:
http://rifers.org:8088/changelog/rifers/?cs=3586
Take care,
Geert
On 06 Dec 2006, at 03:09, David HM Spector wrote:
Hi Geert,
I've been studying JumpStart, the cookbook and the live users guide
sections, but I guess (being a visual learner myself) is what's
missing is a good, old-fashioned flow diagram and more info on the
intrinsics of how all the advanced bits go together...
For example, the memory version is pretty straight forward.. the
data source is an XML representation consisting of a hard coded
username and password. All of the logging in/out is internal to
the framework. Nowhere in the simple auth version does one have to
deal with roles, or account creation, a user provided account
structure, and all of linkage of the native Rife user handing into
that extra metadata, etc.
Even which participant to start the session managers in is not too
obvious (at least to me) -- these are factory methods so they
should inherently be started only once.. but should there be a
small shim bean that does these various one-time setups? How do I
invoke it... can I "inject" the startup of these managers in the
participants.xml file like CreateCrudStructureParticipant and have
the Rife do it for me..? (certainly seems like a good place)
This seems to be at the crux of developing a full commercial web
applications with Rife, where a working example that demonstrated a
simple but non-trivial DB based user registration and validation
system would really make everything a lot clearer.
best regards,
David
PS: In fact, in wrestling with this for a couple of days, this
seems almost like a CRUD-like autogeneration problem that the
framework itself should provide like it does other metadata... the
user provides an Account structure with all the meta data, there a
bunch of setters to tell the framework which are key fields (like
if the username is a user-supplied string, or an email address) and
what fields are mandatory and how they should be validated... and
then you're off and running. Of course, the background issue
about non-self-contained authentication is still there (i.e., for
corporate or other applications where you need to auth against an
outside store such as ActiveDirectory or LDAP) but that's solvable
in a similar fashion by having the user provide a hook to an
external lib and a template fragment to collect their appropriate
authorization tokens needed by the outside system... still it
could all be almost transparent to the user...
On Dec 5, 2006, at 2:01 AM, Geert Bevin wrote:
Hi David,
did you look at the jumpstart? It's not setup for DB
authentication and uses memory authentication instead. The change
is simply done by using the rife/authenticated/database.xml
element instead of rife/authenticated/memory.xml. You'll also have
to remove the ParticipantMemoryUsers participant since your user
credentials will now come from the database.
To install the database structure you can use the install methods
of the related managers:
com.uwyn.rife.authentication.credentialsmanagers.DatabaseUsers.instal
l()
com.uwyn.rife.authentication.sessionmanagers.DatabaseSessions.install
()
com.uwyn.rife.authentication.remembermanagers.DatabaseRemember.instal
l()
You can get instances of these managers by using their factories.
This installation logic is typically done in your own participant.
Finally, you'll have to indicate to the authentication element
what the datasource is that it needs to use by adding the
datasource property:
<element id="DbAuth" extends="rife/authenticated/database.xml">
<property name="datasource"><datasource>postgresql</datasource></
property>
...
</element>
You'll find more information here:
http://rifers.org/wiki/display/RIFE/GuideDatabaseUsers
Hope this helps,
Geert
On 05 Dec 2006, at 07:18, David HM Spector wrote:
Does anyone have a minimal self-contained DB-based authorization
web app example they could share...?
I am trying to work through the one in both the Live Users Guide
and the sources in the Rife-1.5 examples, but there's enough left
out that if you're not familiar with all of the insides of Rife
(and you're still learning you way around Rife to begin with),
its really tough to get how all of it works...
regards,
David
--------------------------------------------------------------------
-----------------------
David HM Spector
spector (at) zeitgeist.com
http://www.zeitgeist.com/
~ ~ ~
"New and stirring things are belittled because if they are not
belittled, the
humiliating question arises, 'Why then are you not taking part in
them?'"
--H. G. Wells
_______________________________________________
Rife-users mailing list
[email protected]
http://lists.uwyn.com/mailman/listinfo/rife-users
--
Geert Bevin
Uwyn "Use what you need" - http://uwyn.com
RIFE Java application framework - http://rifers.org
Music and words - http://gbevin.com
_______________________________________________
Rife-users mailing list
[email protected]
http://lists.uwyn.com/mailman/listinfo/rife-users
----------------------------------------------------------------------
---------------------
David HM Spector
spector (at) zeitgeist.com
http://www.zeitgeist.com/
voice: +1 631.261.5013
fax: +1 212.656.1443
~ ~ ~
"New and stirring things are belittled because if they are not
belittled, the
humiliating question arises, 'Why then are you not taking part in
them?'"
--H. G. Wells
_______________________________________________
Rife-users mailing list
[email protected]
http://lists.uwyn.com/mailman/listinfo/rife-users
--
Geert Bevin
Uwyn "Use what you need" - http://uwyn.com
RIFE Java application framework - http://rifers.org
Music and words - http://gbevin.com
_______________________________________________
Rife-users mailing list
[email protected]
http://lists.uwyn.com/mailman/listinfo/rife-users
