Trace:
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
applications:configure_authentication [2018/03/14 07:12] admin created |
applications:configure_authentication [2020/07/08 13:00] (current) cduncan articles |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ~~NOTRANS~~ | ~~NOTRANS~~ | ||
| - | ~~Title: Configure application authentication~~ | + | ~~Title: Configure Application Authentication~~ |
| The default JVx application has a login screen and the user must enter a valid username and password for successful authentication. It does not offer automatic login or login with different authentication mechanism like OpenID, Facebook, etc. | The default JVx application has a login screen and the user must enter a valid username and password for successful authentication. It does not offer automatic login or login with different authentication mechanism like OpenID, Facebook, etc. | ||
| Line 14: | Line 14: | ||
| </file> | </file> | ||
| - | It's allowed to use more than one authenticator, comma separated. We have ready-to-use authenticators for Username/Password, AutoLogin for returning users, Online registration, NTLM. | + | It's allowed to use more than one authenticator, comma separated. We have ready-to-use authenticators for username/password, auto-login for returning users, online registration, NTLM. |
| If you need a different authenticator, simply implement com.sibvisions.apps.auth.IAuthenticator. | If you need a different authenticator, simply implement com.sibvisions.apps.auth.IAuthenticator. | ||
| - | Our Username and Password authenticator contains following code: | + | Our username and password authenticator contains the following code: |
| <file java> | <file java> | ||
| Line 65: | Line 65: | ||
| </file> | </file> | ||
| - | If you implement your own authenticator, consider that you' need (or not) a custom security manager, because the authenticator is client-side only. If you configure an authenticator, ProjX tries to open a new MasterConnection and sets your "credentials" as connection properties. The security manager checks given credentials and authenticates a user. | + | If you implement your own authenticator, consider that you need (or don't need) a custom security manager because the authenticator is client side only. If you configure an authenticator, ProjX tries to open a new MasterConnection and sets your "credentials" as connection properties. The security manager checks given credentials and authenticates a user. |
| - | In ProjX we have a security manager that allows anonymous authentication. It allows an application to show database content before a user is authenticated. It's not a security problem because the client sends an authentication request and the security manager checks if anonymous authentication is enabled. An anonymous user has no screens assigned. It only has access to the Session life-cycle object. | + | In ProjX we have a security manager that allows anonymous authentication. It allows an application to show database content before a user is authenticated. It's not a security problem because the client sends an authentication request and the security manager checks if anonymous authentication is enabled. An anonymous user has no screens assigned. It only has access to the session life cycle object. |