[opencms-dev] How to login user
fhsubscriptions at componio.net
fhsubscriptions at componio.net
Tue Jul 23 23:25:44 CEST 2013
Hi Jakub,
simply extend the
http://files.opencms.org/javadoc/core/org/opencms/security/CmsDefaultAuthorizationHandler.html
and do something like the following.
Finally register the authorization handler via opencms-system.xml (look
for <authorizationhandler
class="org.opencms.security.CmsDefaultAuthorizationHandler">)
\Fabian
@Override
public CmsObject initCmsObject(HttpServletRequest request)
{
CmsObject cms = checkBasicAuthorization(request);
if (cms != null) {
try {
// register the session into OpenCms and
return registerSession(request, cms);
} catch (CmsException e) {
// ignore and treat the whole login process as failed
}
}
// failed
return null;
}
@Override
protected CmsObject checkBasicAuthorization(HttpServletRequest
request) {
try {
Cookie rememberUser = <get your cookie>;
boolean checkCookie = false;
String cookieUser = null;
... verify cookie and extract user ...
if (!checkCookie){
return super.checkBasicAuthorization(request);
} else {
CmsContextInfo contextInfo = new CmsContextInfo("Admin");
CmsObject cmso = OpenCms.initCmsObject(cms, contextInfo);
CmsObject cms =
OpenCms.initCmsObject(OpenCms.getDefaultUsers().getUserGuest());
// Try to read the cookie extracted user
CmsUser user = cmso.readUser(userId);
CmsContextInfo ctx = new CmsContextInfo(user,
cms.getRequestContext().getCurrentProject(),
cms.getRequestContext().getUri(), cms.getRequestContext().getSiteRoot(),
cms.getRequestContext().getLocale(),
cms.getRequestContext().getEncoding(),
cms.getRequestContext().getRemoteAddress(),
cms.getRequestContext().getRequestTime(),
cms.getRequestContext().getOuFqn());
cms = OpenCms.initCmsObject(cmso, ctx);
request.getSession(true);
return cms;
}
catch(<all proper exceptions>) {}
return null;
}
Am 21.07.13 09:47, schrieb Jakub Jec(mínek:
> Hi,
> I'm trying to develope a "remember me" functionality to OpenCms based
> on cookies and the best practices described here
> http://jaspan.com/improved_persistent_login_cookie_best_practice.
> Only problem that I have is that I don't know how to login user
> programatically after it was verified that his cookie is valid. I know
> that there is method
> loginUser(java.lang.String username, java.lang.String password) on
> CmsObject. But this requires knowledge of user's password and I don't
> want to store user's password in the cookie for security reasons, not
> even if it was hashed. Is there any other way how to login user
> programatically? Or has anybody tried to create this functionality in
> the OpenCms?
>
> Thanks.
>
> Jakub Jec(mínek
> ------------------------------------------------
> NELASOFT Technologies, s.r.o.
> Mob: +420 604 575 772
> E-mail: jakub.jecminek at nelasoft.cz <mailto:jakub.jecminek at nelasoft.cz>
> Web: www.nelasoft.cz <http://www.nelasoft.cz/>
>
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20130723/0b6b288d/attachment.htm>
More information about the opencms-dev
mailing list