Re: Authentication framework and user bean

Fri, 15 Apr 2005 12:22:31 -0700 

>
> To be a little clearer,
>
> function authenticate_user()
> {
>     var user = service.authenticateUser(cocoon.request.get("username"), 
cocoon.request.get("password"));
>     if(user!=null){cocoon.session.setAttribute("user", 
user);cocoon.session.setAttribute("loggedIn", "true")}
>     cocoon.sendPage("internal/xml-user", {user : user});
> }
>
> the "internal/xml-user" is what generates teh xml for the auth-fw
>
> service is a java class I use to handle all the methods of my own user/role 
management.
>

In your code, the login process is implemented in flow script. My approach
is little bit different, I implemented only the authenticator class. For the
rest of authentication frunctionality I use existing auth fw actions in
similar way as it is described in auth fw documentation. The question is,
how can I access the session from my authenticator class in order to store
user bean?

Here are the code snippets of my implementation:

Class MyAuthenticator extends Authenticator and is configured in sitemap:

 <authentication-manager>
   <handlers>
     <handler name="portalhandler">
       <redirect-to uri="cocoon:/login"/>
       <authentication authenticator="myportal.MyAuthenticator"/>
     </handler>
   </handlers>
 </authentication-manager>


Java source of MyAuthenticator:

public class MyAuthenticator implements Authenticator, Serviceable {

...

        public AuthenticationResult authenticate(HandlerConfiguration 
configuration,
                                                 SourceParameters parameters)
        throws ProcessingException {
                String userID = parameters.getParameter("userid");
                String password = parameters.getParameter("password");

                // Create authentication XML tree
                Document doc = DOMUtil.createDocument();
                Element authElement =
                        doc.createElementNS(null, "authentication");
                doc.appendChild(authElement);

                if (verifyPasswordInDb(userID, password)) {
                        Element element = doc.createElementNS(null, "ID");
                        element.appendChild(doc.createTextNode(userID));
                        authElement.appendChild(element);

                        return new AuthenticationResult(true, doc);
                } else {
                        Element element = doc.createElementNS(null, "data");
                        element.appendChild(doc.createTextNode("Bad user name or 
password."));
                        authElement.appendChild(element);

                        return new AuthenticationResult(false, doc);
                }
        }

...

}

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to