Not the answer I wanted to hear :)
So, lets say hypothetically that I want slide to delegate authentication from
somewhere else, is this at all feasible? For example, I have a Apache-Turbine
application which has its own authentication mechanism. Is it possible to
rewrite some of the slide code to support authentication through Turbine's
means? Say I'm logged in in my application, could I rewrite slide to carry over
those credentials from that session? It would be cool if slide had pluggable
authentication - LDAP, servlet container, etc.... Or is the servlet container
the only authentication method possible?
Does this make any sense to you??? I haven't really looked at the code yet for
the server end of slide, so I am very uniformed...
Dan Diephouse
Remy Maucherat wrote:
> HTTP authentication is passive. Unless you enable it on the server by
> uncommenting the constraint in the web.xml file, nothing will happen.
> Apparently, that's what happens here (you're still guest since nobody was
> authenticated). OTOH, once HTTP auth is active, you don't have the concept
> of unauthenticated user.
>
> Slide fully delegates the auth to the servlet container, and uses the
> getUserPrincipal call to retrive the Principal object. If that returns null,
> that means that auth is inactive in the container, and it will use a guest
> user to perform all operations (/users/guest here).
>
> Note: Of course, you still need to update your realm so that root/mypass are
> a valid set of credentials.
>
> Remy
