Authenticator is, as yet, a purely hypothetical object related to 
[JSPWiki Authentication]. This page discusses the expected needs for
such an object. ''This is NOT a documentation page.''

----
----
[Kyle Adams]: Is it still purely hypothetical?  Based on the [Authorization And Authentication HOWTO] and the existence of an [LDAPAuthenticator|LDAPAuthentication] it seems to have progressed beyond the theoretical stages and into the implementation.

[JanneJalkanen]: You're right, it's been implemented in 2.1.  [RefactorMe], please.

----
The Authenticator is a pluggable interface. This can be implemented to make it work with an external system, or with a normal wikipage, or even a flat text-file.


The code:
{{{

package ...

public abstract class Authenticator {

    public boolean Login(String username, String password, HttpServletRequest request){
        Wiki wiki = ...;
        WikiUserPrincipal user = getWikiUserPrincipal(username,password,wiki);
        if ( user == null)
            return false;
        else
            request.getSession.setAttribute("user", user);
    }


    /**
    * This method is responsible for controlling the username and password against 
    * some persistently saved mapping of these. The method returns a WikiUserPrincipal if 
    * the user can log in else null is returned (Maybe an exception or error should be thrown instead).
    */
    protected abstract WikiUserPrincipal getWikiUserPrincipal(String username, String password, WikiEngine wiki);

}
}}}

-----

One hypothetical Authenticator I suggested is a WikiPageAuthenticator,
which would parse a designated WikiPage to read user information. (I'm
not yet convinced this is a good idea, in fact, mainly because of issues
with hiding users' passwords. Simple enough to try out, though.)
--[ebu]

Here are [Mortena]'s further ideas on the subject:

----

This is an example of how a user page can look like:

||Name||Before @||After @
|Morten Andersen|mortena|mip.sdu.dk

The information can then be picked up by a method, that takes the table headings and uses them as the keys to a mapping:

{{{
/**Reads in table number=tableNumber on page=wikiPage.*/
public Collection readInTable(String wikiPage, int tableNumber){

}}}

# Read in the names of the headings: ("Name", "Before @", "After @")
# For each row in the table make a map with a key for each of the heading names.
# Add the value of the coloumn in the row to the map.
# Add the map to a collection.
# return the collection of Maps.
{{{
}
}}}

One map would look like this:

||Key:|Name|Before @|After @
||Value:|Morten Andersen|mortena|mip.sdu.dk

The method could be used for all types of applications (EmailGenerator etc.), and it would be independent of how the columns were arranged.

----

''Are the table formattings really necessary? If such a simple auth list is
used, why not KISS all the way?'' --[ebu]