| Scout 7 and validation of credentials on server [message #1768501] |
Wed, 19 July 2017 13:57  |
 Benjamin Schulte
Messages: 34
Registered: December 2016 |
Member |
|
|
Hello,
I am updating my application to Scout 7. I am facing an unexpected problem.
I use the FormBasedAccessController to login my users. Of course I do not use the ConfigFileCredentialVerifier, but implemented a verify against the database. For seperation of concerns, the database is only connected from within the server project. So for verifying asgainst it, I followed the normal route to tunnel to server:
I made an implementing class in the server project and an interface for it in the shared project:
@TunnelToServer
public interface IPaCredentialVerifier extends IService, ICredentialVerifier {}
In UIServletFilter, I set this bean as the credential verifier.
m_formBasedAccessController = BEANS.get(FormBasedAccessController.class)
.init(new FormBasedAuthConfig().withCredentialVerifier(BEANS.get(IPaCredentialVerifier.class)));
This worked well in Scout 6. However, Scout Oxygen does not tunnel the call to the server.
org.eclipse.scout.rt.shared.servicetunnel.AbstractServiceTunnel - No UserAgent set on calling context; include default in service-request - MDC[]
org.eclipse.jetty.server.HttpChannel - /auth - MDC[]
java.lang.NullPointerException: null
at org.eclipse.scout.rt.shared.servicetunnel.http.HttpServiceTunnel.tunnel(HttpServiceTunnel.java:226)
at org.eclipse.scout.rt.shared.servicetunnel.AbstractServiceTunnel.invokeService(AbstractServiceTunnel.java:50)
HttpServiceTunnel line 226:
final IFuture<ServiceTunnelResponse> future = Jobs
.schedule(remoteInvocationCallable,
---> Jobs.newInput().withRunContext(RunContext.CURRENT.get().copy())
.withName(createServiceRequestName(requestSequence))
.withExceptionHandling(null, false)) // do not handle uncaught exceptions because typically invoked from within a model job (might cause a deadlock, because ClientExceptionHandler schedules and waits for a model job to visualize the exception).
So I assume this is because the user is not logged in and perhaps the RunContext is not set up. After a login with AnonymousAccessController, the tunnel is working.
However, I don't know how to solve this problem: I don't see the changes on the code between Scout 6 and 7 that are causing it. Besides, the approach with verifying the credentials on the server, not on the client site feels correct and I think I am not the only one doing so.
So, how can I achieve this in Scout 7? How are you doing this?
|
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.03102 seconds
] 
Search
Help
Register
Login
Home
