esme-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Hirsch <hirsch.d...@gmail.com>
Subject Container-based authentication
Date Fri, 08 Jan 2010 12:32:36 GMT
Been thinking a lot about container based authentication - primarily,
because of my interest in the CAS integration which is necessary for
an OFBiz integration (search for OFBizCasAuthenticationHandler.java
class for details)

Here a few thoughts.

in J2EE, the way to get the user is via the following code:

 java.security.Principal principal = request.getUserPrincipal();
    if(principal != null) {
        String username = principal.getName();
        // usw. usf.
    }

If we used the UserPwdAuthModule in UserAuth.scala as a basis, we
could use the following code combined with the code above to get the
user:

            user <- UserAuth.find(By(UserAuth.authKey, name),
                                  By(UserAuth.authType,
moduleName)).flatMap(_.user.obj) or
            User.find(By(User.nickname, name))

We could take use the S object in lift to get the request and then get
the UserPrincipal.  Probably with "S.request"

The only I don't know is how to make this Container-based authmodule
be the default that works without a UI that implicitly calls it.

One idea is to remove  the following lines from Boot.scala
    UserAuth.register(UserPwdAuthModule)
    UserAuth.register(OpenIDAuthModule)

and replace them with
   UserAuth.register(ContaionerAuthModule)


Anyone have any ideas / thoughts?

D.

Mime
View raw message