esme-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Hirsch <hirsch.d...@gmail.com>
Subject Re: Container-based authentication
Date Fri, 08 Jan 2010 15:12:49 GMT
On Fri, Jan 8, 2010 at 3:38 PM, Daniel Koller <dakoller@googlemail.com> wrote:
> ...only a short remark: that would also ease the task to enable Win NT
> authentication. (because NT auth is then just a matter of container
> configuration).
> AFAIK there recipes already how to make it work on Tomcat.
>
> However we should look what this means for the task of role management.

We are waiting for LDAP to come to Lift before moving more in this
direction. But you might also want to take a look at Ethan's work
regarding the admin role. In the threads discussing his work, we also
talked about groups / roles...
>
> Kind regards,
>
> Daniel
>
> 8. Jan 2010 1:33 nachm. schrieb am "Richard Hirsch" <hirsch.dick@gmail.com>:
>
> Been thinking a lot about container based authentication - primarily,
> because of my interest in the CAS integration which is necessary for
> an OFBiz integration (search for OFBizCasAuthenticationHandler.java
> class for details)
>
> Here a few thoughts.
>
> in J2EE, the way to get the user is via the following code:
>
>  java.security.Principal principal = request.getUserPrincipal();
>   if(principal != null) {
>       String username = principal.getName();
>       // usw. usf.
>   }
>
> If we used the UserPwdAuthModule in UserAuth.scala as a basis, we
> could use the following code combined with the code above to get the
> user:
>
>           user <- UserAuth.find(By(UserAuth.authKey, name),
>                                 By(UserAuth.authType,
> moduleName)).flatMap(_.user.obj) or
>           User.find(By(User.nickname, name))
>
> We could take use the S object in lift to get the request and then get
> the UserPrincipal.  Probably with "S.request"
>
> The only I don't know is how to make this Container-based authmodule
> be the default that works without a UI that implicitly calls it.
>
> One idea is to remove  the following lines from Boot.scala
>   UserAuth.register(UserPwdAuthModule)
>   UserAuth.register(OpenIDAuthModule)
>
> and replace them with
>  UserAuth.register(ContaionerAuthModule)
>
>
> Anyone have any ideas / thoughts?
>
> D.
>

Mime
View raw message