<div dir="ltr">Hi,<div>thank you all for suggestions, I was outside office, but I will try to use it. </div><div>Thanks you again for help.</div><div><br></div><div class="gmail_extra"><div>Jakub Ječmínek<br>------------------------------------------------<br>
NELASOFT Technologies, s.r.o.<br>Mob: +420 604 575 772<br>E-mail: <a href="mailto:jakub.jecminek@nelasoft.cz" target="_blank">jakub.jecminek@nelasoft.cz</a><br>Web: <a href="http://www.nelasoft.cz" target="_blank">www.nelasoft.cz</a></div>
<br><br><div class="gmail_quote">2013/7/23 <a href="mailto:fhsubscriptions@componio.net">fhsubscriptions@componio.net</a> <span dir="ltr"><<a href="mailto:fhsubscriptions@componio.net" target="_blank">fhsubscriptions@componio.net</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi Jakub,<br>
<br>
simply extend the
<a href="http://files.opencms.org/javadoc/core/org/opencms/security/CmsDefaultAuthorizationHandler.html" target="_blank">http://files.opencms.org/javadoc/core/org/opencms/security/CmsDefaultAuthorizationHandler.html</a>
and do something like the following. <br>
Finally register the authorization handler via opencms-system.xml
(look for <authorizationhandler
class="org.opencms.security.CmsDefaultAuthorizationHandler">)<br>
<br>
\Fabian<br>
<br>
<tt> @Override</tt><tt><br>
</tt><tt> public CmsObject initCmsObject(HttpServletRequest
request) </tt><tt><br>
</tt><tt> {</tt><tt><br>
</tt><tt> CmsObject cms = checkBasicAuthorization(request);</tt><tt><br>
<br>
</tt><tt> if (cms != null) {</tt><tt><br>
</tt><tt> try {</tt><tt><br>
</tt><tt> // register the session into OpenCms and</tt><tt><br>
return registerSession(request, cms);</tt><tt><br>
</tt><tt> } catch (CmsException e) {</tt><tt><br>
</tt><tt> // ignore and treat the whole login
process as failed</tt><tt><br>
</tt><tt> }</tt><tt><br>
</tt><tt> }</tt><tt><br>
<br>
</tt><tt> // failed</tt><tt><br>
</tt><tt> return null;</tt><tt><br>
</tt><tt> }</tt><tt><br>
</tt><tt></tt><tt><br>
</tt><tt> @Override</tt><tt><br>
</tt><tt> protected CmsObject
checkBasicAuthorization(HttpServletRequest request) {</tt><tt><br>
</tt><tt></tt><tt><br>
</tt><tt> try {</tt><tt><br>
</tt><tt> <br>
Cookie rememberUser = <get your cookie>;<br>
boolean checkCookie = false;<br>
String cookieUser = null;<br>
<br>
... verify cookie and extract user ...<br>
</tt><tt><br>
</tt><tt> if (!</tt><tt>checkCookie</tt><tt>){</tt><tt><br>
</tt><tt> return
super.checkBasicAuthorization(request);</tt><tt><br>
</tt><tt> } else {</tt><tt><br>
</tt><tt><br>
</tt><br>
<tt> CmsContextInfo contextInfo = new
CmsContextInfo("Admin");<br>
</tt><tt><tt>CmsObject cmso </tt> =
OpenCms.initCmsObject(cms, contextInfo);</tt><tt><br>
</tt><tt> CmsObject cms =
OpenCms.initCmsObject(OpenCms.getDefaultUsers().getUserGuest());</tt><tt><br>
</tt><tt><br>
</tt><tt><br>
</tt><tt> // Try to read the cookie extracted user</tt><tt><br>
</tt><tt> CmsUser user = cmso.readUser(userId);</tt><tt><br>
</tt><tt> CmsContextInfo ctx = new CmsContextInfo(user,
cms.getRequestContext().getCurrentProject(),
cms.getRequestContext().getUri(),
cms.getRequestContext().getSiteRoot(),
cms.getRequestContext().getLocale(),
cms.getRequestContext().getEncoding(),
cms.getRequestContext().getRemoteAddress(),
cms.getRequestContext().getRequestTime(),
cms.getRequestContext().getOuFqn());</tt><tt><br>
<br>
</tt><tt> cms = OpenCms.initCmsObject(cmso, ctx);</tt><tt><br>
request.getSession(true);</tt><tt><br>
</tt><tt> return cms;</tt><tt><br>
</tt><tt> <br>
}<br>
catch(<all proper exceptions>) {}<br>
</tt><tt><br>
<br>
</tt><tt> return null;</tt><tt><br>
</tt><tt> }</tt><br>
<br>
Am 21.07.13 09:47, schrieb Jakub Ječmínek:<br>
</div>
<blockquote type="cite"><div><div class="h5">
<div dir="ltr">Hi,<br>
<div dir="ltr">
<div>I'm trying to develope a "remember me" functionality to
OpenCms based on cookies and the best practices described
here <a href="http://jaspan.com/improved_persistent_login_cookie_best_practice" target="_blank">http://jaspan.com/improved_persistent_login_cookie_best_practice</a>. </div>
<div>Only problem that I have is that I don't know how to
login user programatically after it was verified that his
cookie is valid. I know that there is method </div>
<div>loginUser(java.lang.String username, java.lang.String
password) on CmsObject. But this requires knowledge of
user's password and I don't want to store user's password in
the cookie for security reasons, not even if it was hashed.
Is there any other way how to login user programatically? Or
has anybody tried to create this functionality in the
OpenCms?</div>
<div><br>
</div>
<div>Thanks.</div>
<div><br>
</div>
<div>Jakub Ječmínek<br>
------------------------------------------------<br>
NELASOFT Technologies, s.r.o.<br>
Mob: <a href="tel:%2B420%20604%20575%20772" value="+420604575772" target="_blank">+420 604 575 772</a><br>
E-mail: <a href="mailto:jakub.jecminek@nelasoft.cz" target="_blank">jakub.jecminek@nelasoft.cz</a><br>
Web: <a href="http://www.nelasoft.cz/" target="_blank">www.nelasoft.cz</a><br>
</div>
<div><br>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div></div><div class="im"><pre>_______________________________________________
This mail is sent to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
<a href="http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev" target="_blank">http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev</a>
</pre>
</div></blockquote>
<br>
</div>
<br>_______________________________________________<br>
This mail is sent to you from the opencms-dev mailing list<br>
To change your list options, or to unsubscribe from the list, please visit<br>
<a href="http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev" target="_blank">http://lists.opencms.org/cgi-bin/mailman/listinfo/opencms-dev</a><br>
<br>
<br>
<br>
<br></blockquote></div><br></div></div>