Documentation

Trace: Configure Application Authentication

(applications)

Configure Application Authentication

The default JVx application has a login screen and the user must enter a valid username and password for successful authentication. It does not offer automatic login or login with different authentication mechanism like OpenID, Facebook, etc.

With ProjX, it's easy to integrate new authentication mechanism or change authentication mechanism.

Configure an authenticator in the application.xml of your application, like: 

<Application.authenticator>
  com.sibvisions.apps.auth.UserPwdAuthenticator
</Application.authenticator>

It's allowed to use more than one authenticator, comma separated. We have ready-to-use authenticators for username/password, auto-login for returning users, online registration, NTLM.

If you need a different authenticator, simply implement com.sibvisions.apps.auth.IAuthenticator.

Our username and password authenticator contains the following code: 

public Hashtable<String, String> getCredentials(ILauncher pLauncher)
{
    Hashtable<String, String> htCred = new Hashtable<String, String>();
 
    String sValue = pLauncher.getParameter("Application.Login.application");
 
    if (sValue != null)
    {
        htCred.put(APPLICATION, sValue);
    }
 
    sValue = pLauncher.getParameter("Application.Login.username");
 
    if (sValue != null)
    {
        htCred.put(USERNAME, sValue);
    }
 
    sValue = pLauncher.getParameter("Application.Login.password");
 
    if (sValue != null)
    {
        htCred.put(PASSWORD, sValue);
    }
 
    if (htCred.isEmpty() || htCred.size() == 1)
    {
        //empty: no login data available
        //1 entry: only application name is not enough; 
        //         only username is not enough
        return null;
    }
 
    return htCred;
}

It needs some more lines in application.xml: 

<Application.Login.username>jvx</Application.Login.username>
<Application.Login.password>welcome</Application.Login.password>

If you implement your own authenticator, consider that you need (or don't need) a custom security manager because the authenticator is client side only. If you configure an authenticator, ProjX tries to open a new MasterConnection and sets your “credentials” as connection properties. The security manager checks given credentials and authenticates a user.

In ProjX we have a security manager that allows anonymous authentication. It allows an application to show database content before a user is authenticated. It's not a security problem because the client sends an authentication request and the security manager checks if anonymous authentication is enabled. An anonymous user has no screens assigned. It only has access to the session life cycle object.

  • applications/configure_authentication.txt · Last modified: 2020/07/08 13:00
This website uses cookies for visitor traffic analysis. By using the website, you agree with storing the cookies on your computer.More information