Code wiki

Creating a customRealm makes it possible to enter credentials through your own API.

Example: Creating a customRealm from information in the URL.

The user wishes to start the application via a http://host/mywebapp/index.jsp?login=myuser&password=mypassword type URL.

Example of main servlet index.jsp encapsulation:

<%@taglib prefix="t" tagdir="/WEB-INF/tags" %>

<%@ taglib prefix="adelwagon" uri="http://adelwagon.adelia.hardis.com/adelwagon" %>

<adelwagon:pushCustomVariable key="login"><%=request.getParameter("login")%></adelwagon:pushCustomVariable>

<adelwagon:pushCustomVariable key="password" cipher="true"><%=request.getParameter("password")%></adelwagon:pushCustomVariable>

<t:adeliaDesktop title="Adelia Desktop" desktopName="default" frameOptions="SAMEORIGIN">

<jsp:attribute name="head_header">

<adelwagon:customSessionVariables/>

</jsp:attribute>

<jsp:attribute name="head_footer">

</jsp:attribute><jsp:attribute name="body_header">

</jsp:attribute><jsp:attribute name="body_footer">

</jsp:attribute>

</t:adeliaDesktop>

Example: MyCustomRealm

'key, value' pairs are retrieved with the API. When the attribute is <key,value> type, the value is retrieved by prefixing the key with custom:

String this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.key")

An encoded value is retrieved with the API:

String WagonCipher.getInstance().decode(String); An encoded value is {RSA} type....

If the value is not prefixed by {RSA} the API returns the past value

WagonCipher.getInstance().decode((String) this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.login"));

package mypackage.realms;

import java.util.HashMap;

import java.util.Map;

import com.hardis.adelia.cloud.security.ICommonRealmInformations;

import com.hardis.adelia.cloud.security.ICommonRealmInformations.InputMsgType;

import com.hardis.wagon.runtime.Application;

import com.hardis.wagon.runtime.communication.InputMessage.MSGType;

import com.hardis.wagon.runtime.security.AbstractSecurityRealm;

import com.hardis.wagon.runtime.security.SecurityResponse;

import com.hardis.wagon.runtime.security.WagonCipher;

public class MyCustomRealm extends AbstractSecurityRealm {

String requestLogin;

String requestPassword;

private boolean firstAttempt;

public RequestRealm() {

}

@Override

public final void init(Application application, String realName, Map<String, String> parameters) {

super.init(application, realName, parameters);

/* */

requestLogin = (String) this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.login");

/* we can always encapsulate with WagonCipher.getInstance().decode() as the API support null value and recognize non ciphered data */

* requestLogin = WagonCipher.getInstance().decode((String) this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.login"));

*/ requestPassword = WagonCipher.getInstance().decode((String) this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.password"));

/* in case of requestRealm, only one attempt is done. In case of invalid credentials, user will be redirect to the logout page */

this.firstAttempt = true;

}

@Override

protected SecurityResponse sendAuthRequest(Map<String, String> realmEntries) {

if (this.firstAttempt) {

/* in case of requestRealm, only one attempt is done. In case of invalid credentials, user will be redirect to the logout page */

this.firstAttempt = false;

Map<String, String> data = new HashMap<String, String>();

data.put(ICommonRealmInformations.LOGIN, requestLogin);

data.put(ICommonRealmInformations.PASSWORD, requestPassword);

data.put(ICommonRealmInformations.ACTION, InputMsgType.AUTHENTICATION.toString());

return new SecurityResponse(MSGType.AUTH_RESPONSE, data);

} else {

return new SecurityResponse(MSGType.AUTH_ABORT, null);

}

↑ Top of page