Custom authentication code In XavaPro 7.0 you can define your own logic for user authentication. For that you have to create a class that implements the ISignInHelperProvider interface. The typical case is to refine the standard way XavaPro authenticates users, for that extend ProSignInHelperProvider, in this way: package com.mycompany.myapp.impl;
import javax.servlet.*;
import org.openxava.util.*;
import com.openxava.naviox.impl.*;
public class MyCustomSignInHelperProvider extends ProSignInHelperProvider {
@Override
public boolean isAuthorized(
ServletRequest request, String userName,
String password, Messages errors, String unauthorizedMessage)
{
// This is your custom authentication logic
if (userName.equals("admin") && password.equals("masterkey")) {
return true;
}
// In the next line we rely in the default XavaPro authentication logic
return super.isAuthorized(
request, userName, password, errors, unauthorizedMessage);
}
}
In this case the logic is simple, if the user type "masterkey" as password for "admin" user it access to the application as "admin", otherwise the regular authentication logic of XavaPro is applied. However, here you can write any logic you want, including calling web services, reading your own users database, consulting your LDAP directory in the way you want, etc. In order your application uses the above class for authentication you have to add the next entry in the naviox.properties file of your project: signInHelperProviderClass=com.mycompany.myapp.impl.MyCustomSignInHelperProvider
|