We were able to use our existing MySQL database for user authentication by creating
our own
versions of DBUserManager.java and ProfilerServices.java. This is probably not the
most elegant
way of implementing, but it does work.
In the UserManager, we commented out most of the functions since we were not planning
on allowing
account management through the portal. The retrieve( String username ) method was
then recoded to
use our database.
public User retrieve( String username )
throws UnknownEntityException, DataBackendException
{
TurbineUser user = new TurbineUser();
try {
Statement st = conn.createStatement();
String query = "select * from <tablename> where <username>=" + username;
ResultSet rs = st.executeQuery(query);
if (rs.next()) {
user.setFirstName(rs.getString("firstname"));
user.setLastName(rs.getString("lastname"));
user.setEmail(rs.getString("email"));
user.setPassword(rs.getString("password"));
user.setUserName(username);
user.setConfirmed("CONFIRMED");
user.setTemp("role","user");
return (User)user;
}
} catch(Exception e) {
throw new DataBackendException("Failed to retrieve user '" +
username + "'", e);
}
throw new UnknownEntityException("Unknown user '" + username + "'");
}
In ProfilerService.java, we commented out all of the code in the getProfile(RunData
rundata,
CapabilityMap cm) which dealt with determining if access should be based on group,
role or resource
(everything in the block headed by the comment "// Is it a group, role, or user
resource?").
We then added our own code to check the User.temp field that was set in the code above
to force
everyone to a "user" role (we do not allow users to customize their screens).
if (user.hasLoggedIn()) {
if (user.getTemp("role").toString().equals("user")) {
profile.setRole(
JetspeedSecurity.getRole(user.getTemp("role").toString()) );
}
} else {
profile.setAnonymous(true);
}
We changed the module names, so they must also be updated in the
JetspeedResources.properties and
TurbineResources.properties files
JetspeedResources.properties:
# The Profiler Service is implemented as a Turbine service.
#services.Profiler.classname=org.apache.jetspeed.services.profiler.JetspeedProfilerService
services.Profiler.classname=<your-new-profiler-service-classname>
TurbineResources.properties:
#services.SecurityService.user.manager=org.apache.turbine.services.security.db.DBUserManager
services.SecurityService.user.manager=<your-new-user-manager-classname>
Hopefully now, somebody will tell me how to do it "right!" I spent a lot of time
looking for an
answer to this issue myself and didn't find much helpful information.
Jim
karan dhawan wrote:
> Can jetspeed check for user and password authentication if i link it up with some
>other database
> regards
> kd
>
> ---------------------------------
> Do You Yahoo!?
> Yahoo! Tax Center - online filing with TurboTax
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
