Authenticator is, as yet, a purely hypothetical object related to JSPWiki Authentication. This page discusses the expected needs for such an object. This is NOT a documentation page.



Kyle Adams: Is it still purely hypothetical? Based on the Authorization And Authentication HOWTO and the existence of an LDAPAuthenticator it seems to have progressed beyond the theoretical stages and into the implementation.

JanneJalkanen: You're right, it's been implemented in 2.1. RefactorMe, please.


The Authenticator is a pluggable interface. This can be implemented to make it work with an external system, or with a normal wikipage, or even a flat text-file.

The code:


package ...

public abstract class Authenticator {

    public boolean Login(String username, String password, HttpServletRequest request){
        Wiki wiki = ...;
        WikiUserPrincipal user = getWikiUserPrincipal(username,password,wiki);
        if ( user == null)
            return false;
        else
            request.getSession.setAttribute("user", user);
    }


    /**
    * This method is responsible for controlling the username and password against 
    * some persistently saved mapping of these. The method returns a WikiUserPrincipal if 
    * the user can log in else null is returned (Maybe an exception or error should be thrown instead).
    */
    protected abstract WikiUserPrincipal getWikiUserPrincipal(String username, String password, WikiEngine wiki);

}

One hypothetical Authenticator I suggested is a WikiPageAuthenticator, which would parse a designated WikiPage to read user information. (I'm not yet convinced this is a good idea, in fact, mainly because of issues with hiding users' passwords. Simple enough to try out, though.) --ebu

Here are Mortena's further ideas on the subject:


This is an example of how a user page can look like:

NameBefore @After @
Morten Andersenmortenamip.sdu.dk

The information can then be picked up by a method, that takes the table headings and uses them as the keys to a mapping:

/**Reads in table number=tableNumber on page=wikiPage.*/
public Collection readInTable(String wikiPage, int tableNumber){

  1. Read in the names of the headings: ("Name", "Before @", "After @")
  2. For each row in the table make a map with a key for each of the heading names.
  3. Add the value of the coloumn in the row to the map.
  4. Add the map to a collection.
  5. return the collection of Maps.
}

One map would look like this:

Key:NameBefore @After @
Value:Morten Andersenmortenamip.sdu.dk

The method could be used for all types of applications (EmailGenerator etc.), and it would be independent of how the columns were arranged.


Are the table formattings really necessary? If such a simple auth list is used, why not KISS all the way? --ebu

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-10) was last changed on 24-May-2006 17:09 by 209.221.240.193