Creating a customRealm makes it possible to enter credentials through your own API.
Example: Creating a customRealm from information in the URL.
The user wishes to start the application via a http://host/mywebapp/index.jsp?login=myuser&password=mypassword type URL.
Example of main servlet index.jsp encapsulation:
<%@taglib prefix="t" tagdir="/WEB-INF/tags" %> <%@ taglib prefix="adelwagon" uri="http://adelwagon.adelia.hardis.com/adelwagon" %> <adelwagon:pushCustomVariable key="login"><%=request.getParameter("login")%></adelwagon:pushCustomVariable> <adelwagon:pushCustomVariable key="password" cipher="true"><%=request.getParameter("password")%></adelwagon:pushCustomVariable> <t:adeliaDesktop title="Adelia Desktop" desktopName="default" frameOptions="SAMEORIGIN"> <jsp:attribute name="head_header"> <adelwagon:customSessionVariables/> <link href="logo/logo.css" rel="stylesheet" type="text/css"/> </jsp:attribute> <jsp:attribute name="head_footer"> </jsp:attribute><jsp:attribute name="body_header"> </jsp:attribute><jsp:attribute name="body_footer"> </jsp:attribute> </t:adeliaDesktop>
|
Example: MyCustomRealm
'key, value' pairs are retrieved with the API. When the attribute is <key,value> type, the value is retrieved by prefixing the key with custom:
String this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.key")
An encoded value is retrieved with the API:
String WagonCipher.getInstance().decode(String); An encoded value is {RSA} type....
If the value is not prefixed by {RSA} the API returns the past value
WagonCipher.getInstance().decode((String) this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.login"));
package mypackage.realms; import java.util.HashMap; import java.util.Map; import com.hardis.adelia.cloud.security.ICommonRealmInformations; import com.hardis.adelia.cloud.security.ICommonRealmInformations.InputMsgType; import com.hardis.wagon.runtime.Application; import com.hardis.wagon.runtime.communication.InputMessage.MSGType; import com.hardis.wagon.runtime.security.AbstractSecurityRealm; import com.hardis.wagon.runtime.security.SecurityResponse; import com.hardis.wagon.runtime.security.WagonCipher; public class MyCustomRealm extends AbstractSecurityRealm { String requestLogin; String requestPassword; private boolean firstAttempt; public RequestRealm() { } @Override public final void init(Application application, String realName, Map<String, String> parameters) { super.init(application, realName, parameters); /* */ requestLogin = (String) this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.login"); /* we can always encapsulate with WagonCipher.getInstance().decode() as the API support null value and recognize non ciphered data */ * requestLogin = WagonCipher.getInstance().decode((String) this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.login")); */ requestPassword = WagonCipher.getInstance().decode((String) this.getSessionContext().getMainContainerConfiguration().getAttributes().get("custom.password")); /* in case of requestRealm, only one attempt is done. In case of invalid credentials, user will be redirect to the logout page */ this.firstAttempt = true; } @Override protected SecurityResponse sendAuthRequest(Map<String, String> realmEntries) { if (this.firstAttempt) { /* in case of requestRealm, only one attempt is done. In case of invalid credentials, user will be redirect to the logout page */ this.firstAttempt = false; Map<String, String> data = new HashMap<String, String>(); data.put(ICommonRealmInformations.LOGIN, requestLogin); data.put(ICommonRealmInformations.PASSWORD, requestPassword); data.put(ICommonRealmInformations.ACTION, InputMsgType.AUTHENTICATION.toString()); return new SecurityResponse(MSGType.AUTH_RESPONSE, data); } else { return new SecurityResponse(MSGType.AUTH_ABORT, null); } } }
|