• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag
 

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: simple security/authentication
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: simple security/authentication


  • Subject: Re: simple security/authentication
  • From: Chuck Hill <email@hidden>
  • Date: Thu, 8 Sep 2005 10:45:41 -0700

A better idea would be to subclass WOComponent and add this method

public void appendToResponse(WOResponse r, WOContext c) {
    // fetch credentials and compare against those supplied by user
    if(successful) r{
        super.appendToResponse(r, c);
    } else {
        pageWithName("AccessDenied").appendToResponse(r, c);
    }
}

Then use this as the superclass for all of your access restricted pages.


Chuck

On Sep 8, 2005, at 6:38 AM, Graham J Lee wrote:

</lurk>

Hi,

I'm a bit new at this webobjects lark, I've written toy apps in 4.0 and 5.x and now it's time to do something useful with my time :-) .

I'm writing a WOA which needs a user to authenticate in order to use the application but then doesn't need to keep track of the user after that. I can think of two different ways of achieving that:

[i] I found on stepwise a way to do it through HTTP basic authentication:
http://www.stepwise.com/Articles/Technical/BasicAuthentication.html
I could follow that[*], or could I in httpd.conf set a realm corresponding to the base URL of the application (e.g. /cgi-bin/ WebObjects/Application) and wrap the whole thing in htpasswd- protected access?


[*]although I'm not sure how to load a PB.project into Xcode 2.1...

[ii] before I discovered that, I had thought of doing the following in Main.java:

public WOComponent doLogin()
{
    // fetch credentials and compare against those supplied by user
    if(successful) return nextPage;
    else return null;
}

This does do what I want, but does that actually offer the security I need, i.e. does it make it impossible to get to nextPage without a set of valid credentials?

Thanks,

Graham.
--
Graham Lee
UNIX Systems Manager,
Oxford Physics Practical Course
Technical Bod, Oxford Mac Users' Group
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40global-village.net


This email sent to email@hidden


--
Practical WebObjects - a book for intermediate WebObjects developers who want to increase their overall knowledge of WebObjects, or those who are trying to solve specific application development problems.
http://www.global-village.net/products/practical_webobjects





_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: This email sent to email@hidden
References: 
 >simple security/authentication (From: Graham J Lee <email@hidden>)

  • Prev by Date: Re: Enforcing uniqueness of data
  • Next by Date: Re: Flash and WebObjects...Make it Work with XML or other ?
  • Previous by thread: Re: simple security/authentication
  • Next by thread: Xcode 2.1 & WebObjects 5.3
  • Index(es):
    • Date
    • Thread