[Lift] Re: HTTP Authentication Example
Hey Darren - no worries. I can't take all the credit, Marius has been working on this too :-)

On Nov 26, 11:08 pm, Darren Hague [EMAIL PROTECTED] wrote:
> Tim,
>
> Thanks for doing this - I look forward to having a play with it myself. We want to abstract the OpenID user authentication out of ESME, so we can plug in authentication systems, or even just delegate to J2EE container-based authentication instead. It looks like your work can help us get there.
>
> Best regards,
> Darren
>
> On Nov 26, 12:15 am, Tim Perrett [EMAIL PROTECTED] wrote:
> > Awesome - anything you can do would be great. I've committed an example application into the sites dir of that branch.
> >
> > Cheers, Tim
> >
> > On Nov 25, 10:31 pm, Derek Chen-Becker [EMAIL PROTECTED] wrote:
> > > I'll try it out tomorrow if I can open up some time, but I can't promise anything.
> > >
> > > Derek

You received this message because you are subscribed to the Google Groups Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/liftweb?hl=en
[Lift] Re: HTTP Authentication Example
I just noticed your commit today with this stuff. Looks great! I like the hook in LiftRules :)

Derek

On Sat, Nov 22, 2008 at 3:50 PM, Derek Chen-Becker [EMAIL PROTECTED] wrote:
> I like partial functions :) The really nice thing is that you can use matching. Looks good!
>
> Derek
>
> On Sat, Nov 22, 2008 at 7:47 AM, Tim Perrett [EMAIL PROTECTED] wrote:
> > Ok, I've refactored a whole bunch of stuff. I used a partial function :-)
> >
> > All a user needs to do now is something like:
> >
> >     object SimpleBasicAuth extends HttpBasicAuthentication {
> >       def verified_? = {
> >         case((user, pass, req)) => {
> >           if(user == "tim" && pass == "badger"){
> >             true
> >           } else {
> >             false
> >           }
> >         }
> >       }
> >     }
> >
> > Obviously this would be replaced by a database, or cache lookup or something - what you reckon?
> >
> > Now I just need to get on to writing the trait for digest processing. Feedback appreciated :)
> >
> > Cheers, Tim
[Lift] Re: HTTP Authentication Example
That was Marius's smart idea :) If you can have a play with the branch, it would be great to get some feedback.

Cheers, Tim

On 25 Nov 2008, at 21:55, Derek Chen-Becker wrote:
> I just noticed your commit today with this stuff. Looks great! I like the hook in LiftRules :)
>
> Derek
[Lift] Re: HTTP Authentication Example
Awesome - anything you can do would be great. I've committed an example application into the sites dir of that branch.

Cheers, Tim

On Nov 25, 10:31 pm, Derek Chen-Becker [EMAIL PROTECTED] wrote:
> I'll try it out tomorrow if I can open up some time, but I can't promise anything.
>
> Derek
[Lift] Re: HTTP Authentication Example
Hey Derek,

That's great feedback! Cheers! The main reason I hadn't managed to get away from case class or such was because I had:

    val header = Can !! request.request.getHeader("Authorization")

in the base trait. This is such common functionality I don't really want to repeat stuff like that, so that's why I was looking at some way of making it work without a) repeating that stuff, and b) using objects rather than class / case class.

I'll noodle this a bit more, but if you have any input that would be awesome.

Cheers, Tim

On Nov 22, 5:58 am, Derek Chen-Becker [EMAIL PROTECTED] wrote:
> On second thought the PasswordLookup should really be an authentication function so that you can handle hashed passwords in the DB:
>
>     trait HttpAuth {
>       type Authenticate = (String,String) => Boolean
>       ...
>     }
>
> On Fri, Nov 21, 2008 at 4:33 PM, Derek Chen-Becker [EMAIL PROTECTED] wrote:
> > I'm getting a type mismatch, so I assume that's what you mean by dispatching code. It almost looks like you're mixing up object and class apply semantics, since your call looks like
> >
> >     case r @ Req("badger" :: Nil, "", _) => new SimpleHttpBasicAuth(r){ PlainTextResponse("DFGDF") }
> >
> > The first problem is that the syntax you're using for SimpleHttpBasicAuth is defining a new anonymous class, and it's not clear to me that that's what you want. The second problem is that in your SimpleHttpBasicAuth class you are asking for the request in the constructor *and* in the apply method inherited from the HttpBasicAuthentication, so this syntax isn't going to call apply, which *does* appear to be what you want. I'm not sure that instantiating a new class for each request is the best approach. If you don't mind me tossing in my two cents, here's how I might implement this:
> >
> >     trait HttpAuth {
> >       type PasswordLookup = (String) => String
> >       def apply(req : Req, realm : String, lookup : PasswordLookup)(success: => LiftResponse) : () => Can[LiftResponse]
> >     }
> >
> >     object SimpleHttpAuth extends HttpAuth {
> >       override def apply(...)(...) = () => {
> >         // check to see if auth was even sent
> >         // compare realms
> >         // extract user, compare sent password against lookup
> >       }
> >     }
> >
> >     object DigestHttpAuth extends HttpAuth { ... }
> >
> > Just a rough idea, but from what I gather there's no need to use anything other than static methods here since you really don't need to keep state around (technically we need to remember recent nonces for Digest auth, but that can easily be global). In any case, it looks interesting so far.
> >
> > Derek
> >
> > On Fri, Nov 21, 2008 at 7:22 AM, Tim Perrett [EMAIL PROTECTED] wrote:
> > > Guys,
> > >
> > > I'm working on this http auth stuff - the code I have so far can be found here:
> > >
> > > http://github.com/timperrett/lift-http-auth-example/tree/master
> > >
> > > Right now I have a very strange error occurring with the dispatching code - I would appreciate it if someone can download it, take a look, and give some feedback on the direction I'm going with this.
> > >
> > > Cheers
> > > Tim
[Lift] Re: HTTP Authentication Example
I suppose I have a preference for objects when state is not important. Perhaps you could use

    def header(request : Req) = Can !! request.request.getHeader("Authorization")

and in the apply methods you can use Can.map to process it:

    def apply(req : Req, realm : String, authFunc : Authenticate)(...) =
      header(req).map { authHeader => ... } openOr { UnauthorizedResponse(...) }

In any case I'm looking forward to seeing how this works out.

Derek

On Sat, Nov 22, 2008 at 3:52 AM, Tim Perrett [EMAIL PROTECTED] wrote:
> Hey Derek,
>
> That's great feedback! Cheers! The main reason I hadn't managed to get away from case class or such was because I had:
>
>     val header = Can !! request.request.getHeader("Authorization")
>
> in the base trait. This is such common functionality I don't really want to repeat stuff like that, so that's why I was looking at some way of making it work without a) repeating that stuff, and b) using objects rather than class / case class.
>
> I'll noodle this a bit more, but if you have any input that would be awesome.
>
> Cheers, Tim
>
> On Nov 22, 5:58 am, Derek Chen-Becker [EMAIL PROTECTED] wrote:
> > On second thought the PasswordLookup should really be an authentication function so that you can handle hashed passwords in the DB:
> >
> >     trait HttpAuth {
> >       type Authenticate = (String,String) => Boolean
> >       ...
> >     }
> >
> > On Fri, Nov 21, 2008 at 4:33 PM, Derek Chen-Becker [EMAIL PROTECTED] wrote:
> > > I'm getting a type mismatch, so I assume that's what you mean by dispatching code. It almost looks like you're mixing up object and class apply semantics, since your call looks like
> > >
> > >     case r @ Req("badger" :: Nil, "", _) => new SimpleHttpBasicAuth(r){ PlainTextResponse("DFGDF") }
> > >
> > > The first problem is that the syntax you're using for SimpleHttpBasicAuth is defining a new anonymous class, and it's not clear to me that that's what you want. The second problem is that in your SimpleHttpBasicAuth class you are asking for the request in the constructor *and* in the apply method inherited from the HttpBasicAuthentication, so this syntax isn't going to call apply, which *does* appear to be what you want. I'm not sure that instantiating a new class for each request is the best approach. If you don't mind me tossing in my two cents, here's how I might implement this:
> > >
> > >     trait HttpAuth {
> > >       type PasswordLookup = (String) => String
> > >       def apply(req : Req, realm : String, lookup : PasswordLookup)(success: => LiftResponse) : () => Can[LiftResponse]
> > >     }
> > >
> > >     object SimpleHttpAuth extends HttpAuth {
> > >       override def apply(...)(...) = () => {
> > >         // check to see if auth was even sent
> > >         // compare realms
> > >         // extract user, compare sent password against lookup
> > >       }
> > >     }
> > >
> > >     object DigestHttpAuth extends HttpAuth { ... }
> > >
> > > Just a rough idea, but from what I gather there's no need to use anything other than static methods here since you really don't need to keep state around (technically we need to remember recent nonces for Digest auth, but that can easily be global). In any case, it looks interesting so far.
> > >
> > > Derek
> > >
> > > On Fri, Nov 21, 2008 at 7:22 AM, Tim Perrett [EMAIL PROTECTED] wrote:
> > > > Guys,
> > > >
> > > > I'm working on this http auth stuff - the code I have so far can be found here:
> > > >
> > > > http://github.com/timperrett/lift-http-auth-example/tree/master
> > > >
> > > > Right now I have a very strange error occurring with the dispatching code - I would appreciate it if someone can download it, take a look, and give some feedback on the direction I'm going with this.
> > > >
> > > > Cheers
> > > > Tim
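An added example, not part of the thread and not code from the Lift branch it discusses: a stand-alone Scala sketch of the `Authenticate = (String, String) => Boolean` idea raised above, checking a Basic `Authorization` header against a salted password hash instead of a plaintext lookup. It uses only JDK classes rather than Lift's `Req`/`Can`; the names `BasicAuthSketch`, `credentials`, `pbkdf2`, `hashedAuth`, `authorized` and `store` are hypothetical, PBKDF2 is an assumed choice of hash, and the sample user and salt are constructed.

```scala
import java.nio.charset.StandardCharsets.UTF_8
import java.security.MessageDigest
import java.util.Base64
import javax.crypto.SecretKeyFactory
import javax.crypto.spec.PBEKeySpec
import scala.util.Try

object BasicAuthSketch {
  // Same shape as the Authenticate type proposed in the thread.
  type Authenticate = (String, String) => Boolean

  // Parse "Basic <base64(user:pass)>"; None when absent or malformed.
  def credentials(header: Option[String]): Option[(String, String)] =
    for {
      h <- header
      parts = h.trim.split("\\s+", 2)
      if parts.length == 2 && parts(0).equalsIgnoreCase("Basic")
      raw <- Try(Base64.getDecoder.decode(parts(1).trim)).toOption
      decoded = new String(raw, UTF_8)
      idx = decoded.indexOf(':') // split on the first ':' only; passwords may contain ':'
      if idx >= 0
    } yield (decoded.substring(0, idx), decoded.substring(idx + 1))

  def pbkdf2(pass: String, salt: Array[Byte]): Array[Byte] =
    SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
      .generateSecret(new PBEKeySpec(pass.toCharArray, salt, 100000, 256))
      .getEncoded

  // Constructed sample store (user -> salt, derived key), standing in for the database.
  val salt: Array[Byte] = "constructed-salt".getBytes(UTF_8)
  val store: Map[String, (Array[Byte], Array[Byte])] =
    Map("tim" -> ((salt, pbkdf2("badger", salt))))

  // Recompute the hash and compare in constant time; unknown users do the same work.
  val hashedAuth: Authenticate = (user, pass) => {
    val (s, expected) = store.getOrElse(user, (salt, new Array[Byte](32)))
    MessageDigest.isEqual(expected, pbkdf2(pass, s))
  }

  // A missing header, a malformed header and rejected credentials all yield false.
  def authorized(header: Option[String], auth: Authenticate): Boolean =
    credentials(header).exists { case (u, p) => auth(u, p) }

  def main(args: Array[String]): Unit = {
    val good = "Basic " + Base64.getEncoder.encodeToString("tim:badger".getBytes(UTF_8))
    println(authorized(Some(good), hashedAuth))
    println(authorized(Some("Basic !!!"), hashedAuth))
    println(authorized(None, hashedAuth))
  }
}
```

Because the caller passes a function rather than a password lookup, the stored value never has to be reversible, which is the point of the `Authenticate` signature.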
[Lift] Re: HTTP Authentication Example
Ok, I've refactored a whole bunch of stuff. I used a partial function :-)

All a user needs to do now is something like:

    object SimpleBasicAuth extends HttpBasicAuthentication {
      def verified_? = {
        case((user, pass, req)) => {
          if(user == "tim" && pass == "badger"){
            true
          } else {
            false
          }
        }
      }
    }

Obviously this would be replaced by a database, or cache lookup or something - what you reckon?

Now I just need to get on to writing the trait for digest processing. Feedback appreciated :)

Cheers, Tim
[Lift] Re: HTTP Authentication Example
I like partial functions :) The really nice thing is that you can use matching. Looks good!

Derek

On Sat, Nov 22, 2008 at 7:47 AM, Tim Perrett [EMAIL PROTECTED] wrote:
> Ok, I've refactored a whole bunch of stuff. I used a partial function :-)
>
> All a user needs to do now is something like:
>
>     object SimpleBasicAuth extends HttpBasicAuthentication {
>       def verified_? = {
>         case((user, pass, req)) => {
>           if(user == "tim" && pass == "badger"){
>             true
>           } else {
>             false
>           }
>         }
>       }
>     }
>
> Obviously this would be replaced by a database, or cache lookup or something - what you reckon?
>
> Now I just need to get on to writing the trait for digest processing. Feedback appreciated :)
>
> Cheers, Tim
[Lift] Re: HTTP Authentication Example
I'm getting a type mismatch, so I assume that's what you mean by dispatching code. It almost looks like you're mixing up object and class apply semantics, since your call looks like

    case r @ Req("badger" :: Nil, "", _) => new SimpleHttpBasicAuth(r){ PlainTextResponse("DFGDF") }

The first problem is that the syntax you're using for SimpleHttpBasicAuth is defining a new anonymous class, and it's not clear to me that that's what you want. The second problem is that in your SimpleHttpBasicAuth class you are asking for the request in the constructor *and* in the apply method inherited from the HttpBasicAuthentication, so this syntax isn't going to call apply, which *does* appear to be what you want. I'm not sure that instantiating a new class for each request is the best approach. If you don't mind me tossing in my two cents, here's how I might implement this:

    trait HttpAuth {
      type PasswordLookup = (String) => String
      def apply(req : Req, realm : String, lookup : PasswordLookup)(success: => LiftResponse) : () => Can[LiftResponse]
    }

    object SimpleHttpAuth extends HttpAuth {
      override def apply(...)(...) = () => {
        // check to see if auth was even sent
        // compare realms
        // extract user, compare sent password against lookup
      }
    }

    object DigestHttpAuth extends HttpAuth { ... }

Just a rough idea, but from what I gather there's no need to use anything other than static methods here since you really don't need to keep state around (technically we need to remember recent nonces for Digest auth, but that can easily be global). In any case, it looks interesting so far.

Derek

On Fri, Nov 21, 2008 at 7:22 AM, Tim Perrett [EMAIL PROTECTED] wrote:
> Guys,
>
> I'm working on this http auth stuff - the code I have so far can be found here:
>
> http://github.com/timperrett/lift-http-auth-example/tree/master
>
> Right now I have a very strange error occurring with the dispatching code - I would appreciate it if someone can download it, take a look, and give some feedback on the direction I'm going with this.
>
> Cheers
> Tim