Eric,
>I need to get turbine authenticating users against a
>database for a proof-of-concept application I'm
This is long winded and there are probably better ways of doing this as well
as many differant ways, but I hope it helps. In index.vm you can put the
following HTML,
<form method="POST">
<input type="hidden" name="action" value="acl.UserLogin" />
<font class="inner">Login Name :</font>
<input type="text" name="loginname" />
<font class="inner">Password :</font>
<input type="password" name="password" value="password" />
<input type="submit" name="submit" value="Login" />
</form>
Turbine will look for an Action called UserLogin in the
com.mycompany.modules.acl package. In the doPerform() method try to
authenticate the user by;
TurbineUser user =
(TurbineUser)TurbineSecurity.getAuthenticatedUser(username, password);
if there is an error with the database, a DataBackendException will be
thrown, if the user's account is not in the Database a
UnknownEntityException is thrown and if the username is correct but the
password isnt, a PasswordMisMatchException is thrown. Put them in try/catch
blocks and TurbineSecurity can work out for you why a User failed if they
do. Once they are authenticated I turn the User attribute hasLoggedIn() to
true and save the user to session. Some pseudo code;
public void doPerform(RunData data, Context context) throws Exception
{
ParameterParser params = data.getParameters();
String loginname = params.getString("loginname");
String password = params.getString("password");
try
{
TurbineUser user =
(TurbineUser)TurbineSecurity.getAuthenticatedUser(loginname, password);
//put User into Session
data.setUser(user);
//Mark the user as logged in
user.setHasLoggedIn(new Boolean(true));
// Set the last_login date in the database.
user.updateLastLogin();
//add to the access counter
user.incrementAccessCounter();
//add to the access counter for the session
user.incrementAccessCounterForSession();
//set up the AccessControlLists
AccessControlList acl = data.getACL();
if ( acl == null )
{
acl = TurbineSecurity.getACL( data.getUser() );
data.getSession().putValue( AccessControlList.SESSION_KEY,
(Object)acl );
}
data.setACL(acl);
// Save the User object into session
data.save();
data.setMessage("Successfully logged in.");
setTemplate(data, "acl,LoginStatus.vm");
}
catch (DataBackendException e)
{
data.setMessage("Unable to connect to the Database");
setTemplate(data, "acl,LoginStatus.vm");
}
catch (UnknownEntityException e)
{
data.setMessage("No account by that name in this system.");
setTemplate(data, "acl,LoginStatus.vm");
}
catch (PasswordMismatchException e)
{
data.setMessage("The password entered is incorrect.");
setTemplate(data, "acl,LoginStatus.vm");
}
}
This will output to a Velocity template in
webapps/<appname>/templates/screens/LoginStatus.vm, have in the template;
<p>
$data.getMessage()
</p>
<p>
#set ( $user = $data.getUser())
<br>$user.getFirstName() $user.getLastName()
<br>$user.getHasLoggedIn()
</p>
Have a look in the Javadocs for RunData, TurbineUser and TurbineSecurity,
they expose everything you should need. There are other methods in
TurbineSecurity too which can authenticate a User, check if their account
exists, create a new account and so on.
Cameron Riley
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
