Jon and Jason, thanks for suggesting scarab and flux as
examples. In both cases, I was able to install and
build them, but I got stack traces when I tried using
them. Debugging those seemed to be taking me too far
out of the scope of my present task, so I stopped there.
Cameron, thanks for your detailed reply. Your pointers
eventually lead me to my solution.
The critical detail:
It appears that the default build scripts use encrypted
passwords when creating the turbine user, whereas the
TurbineResources.properties defaults to:
services.TurbineSecurityService.secure.passwords=false
This is the case in both the turbine source and in TDK
1.1a11.
Therefore, when working with the defaults, the
LoginUser action always throws a
TurbineSecurityException (for a bad password).
Solution: either change the password in the database,
or to change ...secure.passwords=true
For completeness and for the list archives, here's my
solution -- only tested on linux:
1. Download and unpack tdk-1.1a11
2. Edit tdk/newapp.props
set turbine.app.type=peer
3. run the newapp script
% ./newapp.sh test
4. follow the instructions to build the test app
At this point you should be able to see a simple
database application, but there's no login happening
yet.
5. create Login.vm (see details below)
<!-- begin tdk/webapps/templates/screens/Login.vm -->
#if ($data.Message)
<blockquote>
$data.Message
</blockquote>
#end
<form method="post" action="$link.setPage("Index.vm")">
<pre>
username <input type="text" name="username">
password <input type="password" name="password">
<input type="hidden" name="action" value="LoginUser">
<input type="submit" value="login">
</pre>
<form>
<!-- end Login.vm -->
6. modify the TurbineResources.properties
template.homepage=/Login.vm
template.login=/Login.vm
action.sessionvalidator=sessionvalidator.TemplateSecureSessionValidator
services.TurbineSecurityService.secure.passwords=true
7. restart the tdk
% tdk/bin/shutdown.sh
% tdk/bin/startup.sh
8. wait a few moments to let turbine initialize, then
point your browser to:
http://localhost:8080/test/servlet/test
You should be able to login with username "turbine" and
password "turbine". You should not be able to log in
with any other username and password.
Having followed these instructions and seen user
authentication in action, here's what to expect as your
next stumbling block.
Right now you have only one user in your database. As
currently configured, adding users will require you to
figure out how encrypt the passwords you store in the
database. If you're not ready for that project, here's
a work-around while you familiarize yourself with
turbine.
1. modify the TurbineResources.properties
services.TurbineSecurityService.secure.passwords=false
2. change the turbine users's password in the database
itself to a non-encrypted value. This SQL might help:
"update TURBINE_USER
set PASSWORD_VALUE='turbine'
where USER_ID = 1"
Now you can add other users to your database and focus
on learning other parts of turbine. But before you
take your app into production, you should revisit the
secure passwords.
Hope that helps more than it confuses.
-Eric
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
