[opencms-dev] How to login user
Jakub Ječmínek
jakub.jecminek at nelasoft.cz
Wed Jul 24 08:17:17 CEST 2013
Hi,
thank you all for suggestions, I was outside office, but I will try to use
it.
Thanks you again for help.
Jakub Ječmínek
------------------------------------------------
NELASOFT Technologies, s.r.o.
Mob: +420 604 575 772
E-mail: jakub.jecminek at nelasoft.cz
Web: www.nelasoft.cz
2013/7/23 fhsubscriptions at componio.net <fhsubscriptions at componio.net>
> Hi Jakub,
>
> simply extend the
> http://files.opencms.org/javadoc/core/org/opencms/security/CmsDefaultAuthorizationHandler.htmland do something like the following.
> Finally register the authorization handler via opencms-system.xml (look
> for <authorizationhandler
> class="org.opencms.security.CmsDefaultAuthorizationHandler">)
>
> \Fabian
>
> @Override
> public CmsObject initCmsObject(HttpServletRequest request)
> {
> CmsObject cms = checkBasicAuthorization(request);
>
> if (cms != null) {
> try {
> // register the session into OpenCms and
> return registerSession(request, cms);
> } catch (CmsException e) {
> // ignore and treat the whole login process as failed
> }
> }
>
> // failed
> return null;
> }
>
> @Override
> protected CmsObject checkBasicAuthorization(HttpServletRequest
> request) {
>
> try {
>
> Cookie rememberUser = <get your cookie>;
> boolean checkCookie = false;
> String cookieUser = null;
>
> ... verify cookie and extract user ...
>
> if (!checkCookie){
> return super.checkBasicAuthorization(request);
> } else {
>
>
> CmsContextInfo contextInfo = new CmsContextInfo("Admin");
> CmsObject cmso = OpenCms.initCmsObject(cms, contextInfo);
> CmsObject cms =
> OpenCms.initCmsObject(OpenCms.getDefaultUsers().getUserGuest());
>
>
> // Try to read the cookie extracted user
> CmsUser user = cmso.readUser(userId);
> CmsContextInfo ctx = new CmsContextInfo(user,
> cms.getRequestContext().getCurrentProject(),
> cms.getRequestContext().getUri(), cms.getRequestContext().getSiteRoot(),
> cms.getRequestContext().getLocale(), cms.getRequestContext().getEncoding(),
> cms.getRequestContext().getRemoteAddress(),
> cms.getRequestContext().getRequestTime(),
> cms.getRequestContext().getOuFqn());
>
> cms = OpenCms.initCmsObject(cmso, ctx);
> request.getSession(true);
> return cms;
>
> }
> catch(<all proper exceptions>) {}
>
>
> return null;
> }
>
> Am 21.07.13 09:47, schrieb Jakub Ječmínek:
>
> Hi,
> I'm trying to develope a "remember me" functionality to OpenCms based on
> cookies and the best practices described here
> http://jaspan.com/improved_persistent_login_cookie_best_practice.
> Only problem that I have is that I don't know how to login user
> programatically after it was verified that his cookie is valid. I know that
> there is method
> loginUser(java.lang.String username, java.lang.String password) on
> CmsObject. But this requires knowledge of user's password and I don't want
> to store user's password in the cookie for security reasons, not even if it
> was hashed. Is there any other way how to login user programatically? Or
> has anybody tried to create this functionality in the OpenCms?
>
> Thanks.
>
> Jakub Ječmínek
> ------------------------------------------------
> NELASOFT Technologies, s.r.o.
> Mob: +420 604 575 772
> E-mail: jakub.jecminek at nelasoft.cz
> Web: www.nelasoft.cz
>
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visithttp://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>
>
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20130724/723d41d7/attachment.htm>
More information about the opencms-dev
mailing list