|
Re: Authentication with RAP [message #986632 is a reply to message #986093] |
Wed, 21 November 2012 09:23 |
|
Hi Sebastian
You propably need to register your filter in the rap plugin for the alias "/". If a login is required, the browser will automatically open a login window, if your filter returns an appropriate basic auth response (see also BasicSecurityFilter).
Some more information:
- Rap server connects to /ajax of the actual server with a token. /ajax typically is not covered by the servlet filters in the server.
- The bundles org.eclipse.scout.rt.server and org.eclipse.scout.rt.ui.rap register two servlet filters by default, one for development and one for production. The one for development doesn't ask for a login, it simply sets the user to the one defined in the system property "user.name". They are registered with a very high ranking to make sure custom filters come first.
I think you don't get any login box at the moment, because the DevelopmentAuthFilter is used.
Hope it helps
Claudio
|
|
|
|
Re: Authentication with RAP [message #986959 is a reply to message #986696] |
Thu, 22 November 2012 14:42 |
|
Accessing the database only from the actual server and not from the rap server is a good idea. I suggest to provide a servlet on the actual server which does the authentication check. The security filter on the rap server can then make a call to this servlet. If the response from the servlet is not HttpServletResponse.SC_OK, return HttpServletResponse.SC_UNAUTHORIZED along with the basic auth headers.
|
|
|
Re: Authentication with RAP [message #986979 is a reply to message #986959] |
Thu, 22 November 2012 16:49 |
Sebastian Boccardi Messages: 47 Registered: September 2012 Location: Montevideo |
Member |
|
|
If i try to extend the AbstractChainableSecurityFilter on the ui.rap i get this error:
The type javax.servlet.Filter cannot be resolved. It is indirectly referenced from required .class files
The strange thing is that BasicSecurityFilter (that works) extends the same filter....
[Updated on: Thu, 22 November 2012 16:49] Report message to a moderator
|
|
|
Re: Authentication with RAP [message #988328 is a reply to message #986979] |
Thu, 29 November 2012 12:24 |
|
You're getting the error since javax.servlet is not on the classpath.
Try to import the package javax.servlet (manifest.mf: Import-Package: javax.servlet), this should solve the problem.
There is no error with BasicSecurityFilter because that class is in the bundle org.eclipse.scout.http.servletfilter which has a dependency to javax.servlet.
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.04170 seconds