Hi there,
My application has both portal and Web client. The business logic enhanced login password by a particular pattern so that I have to customize AuthenticationProvider to massage user typed_in password, then programatically connection.login as demonstrated in Cuba for portal client:
While the user login via portal works fine, I need to do similar for Web login. By mimic the portal client approach, I created a bean in Web module:
@Service
public class WebAuthenticationProvider implements AuthenticationProvider, Serializable {
...
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
log.info("Entering authenticate");
...
Connection connection = AppBeans.get(Connection.NAME);
ClientUserSession webClientSession = (ClientUserSession)connection.getSession();
String loginPassword = myMassgePassword((String) token.getCredentials());
connection.login(loginUserName,
passwordEncryption.getPlainHash(loginPassword),
request.getLocale());
...
return new UsernamePasswordAuthenticationToken(webClientSession,
webClientSession.getId(),
getRoleUserAuthorities(webClientSession));
}
}
This bean WebAuthenticationProvider is registered in web-spring.xml as:
<bean class="cloud.pospro.posportal.web.auth.WebAuthenticationProvider"
name="WebAuthenticator"
scope="prototype"/>
When login, WebAuthenticationProvider is completely ignored since I did not see log message “Entering authenticate”.
I am using cuba studio 6.7.6. I also noticed “PL-9404 New Authentication subsystem”. Since my app still want to use Cuba-builtin login mechanism, just wanted to be able to transform user typed_in password, let’s say from “abc” to “xyz”, then programatically login with Cuba login, so LDAP is kind of overkilling, and I’d prefer not to use it.
Did I miss something, or Web external/customized AuthenticationProvider has to implement CubaAuthProvider instead of AuthenticationProvider, or this has to be done in a different way?
Any code example would be appreciated.
Thanks for the help,
-Mike