Hi Geert,
I've been studying JumpStart, the cookbook and the live users guide
sections, but I guess (being a visual learner myself) is what's
missing is a good, old-fashioned flow diagram and more info on the
intrinsics of how all the advanced bits go together...
For example, the memory version is pretty straight forward.. the data
source is an XML representation consisting of a hard coded username
and password. All of the logging in/out is internal to the
framework. Nowhere in the simple auth version does one have to deal
with roles, or account creation, a user provided account structure,
and all of linkage of the native Rife user handing into that extra
metadata, etc.
Even which participant to start the session managers in is not too
obvious (at least to me) -- these are factory methods so they should
inherently be started only once.. but should there be a small shim
bean that does these various one-time setups? How do I invoke it...
can I "inject" the startup of these managers in the participants.xml
file like CreateCrudStructureParticipant and have the Rife do it for
me..? (certainly seems like a good place)
This seems to be at the crux of developing a full commercial web
applications with Rife, where a working example that demonstrated a
simple but non-trivial DB based user registration and validation
system would really make everything a lot clearer.
best regards,
David
PS: In fact, in wrestling with this for a couple of days, this seems
almost like a CRUD-like autogeneration problem that the framework
itself should provide like it does other metadata... the user
provides an Account structure with all the meta data, there a bunch
of setters to tell the framework which are key fields (like if the
username is a user-supplied string, or an email address) and what
fields are mandatory and how they should be validated... and then
you're off and running. Of course, the background issue about non-
self-contained authentication is still there (i.e., for corporate or
other applications where you need to auth against an outside store
such as ActiveDirectory or LDAP) but that's solvable in a similar
fashion by having the user provide a hook to an external lib and a
template fragment to collect their appropriate authorization tokens
needed by the outside system... still it could all be almost
transparent to the user...
On Dec 5, 2006, at 2:01 AM, Geert Bevin wrote:
Hi David,
did you look at the jumpstart? It's not setup for DB authentication
and uses memory authentication instead. The change is simply done
by using the rife/authenticated/database.xml element instead of
rife/authenticated/memory.xml. You'll also have to remove the
ParticipantMemoryUsers participant since your user credentials will
now come from the database.
To install the database structure you can use the install methods
of the related managers:
com.uwyn.rife.authentication.credentialsmanagers.DatabaseUsers.install
()
com.uwyn.rife.authentication.sessionmanagers.DatabaseSessions.install(
)
com.uwyn.rife.authentication.remembermanagers.DatabaseRemember.install
()
You can get instances of these managers by using their factories.
This installation logic is typically done in your own participant.
Finally, you'll have to indicate to the authentication element what
the datasource is that it needs to use by adding the datasource
property:
<element id="DbAuth" extends="rife/authenticated/database.xml">
<property name="datasource"><datasource>postgresql</datasource></
property>
...
</element>
You'll find more information here:
http://rifers.org/wiki/display/RIFE/GuideDatabaseUsers
Hope this helps,
Geert
On 05 Dec 2006, at 07:18, David HM Spector wrote:
Does anyone have a minimal self-contained DB-based authorization
web app example they could share...?
I am trying to work through the one in both the Live Users Guide
and the sources in the Rife-1.5 examples, but there's enough left
out that if you're not familiar with all of the insides of Rife
(and you're still learning you way around Rife to begin with),
its really tough to get how all of it works...
regards,
David
---------------------------------------------------------------------
----------------------
David HM Spector
spector (at) zeitgeist.com
http://www.zeitgeist.com/
~ ~ ~
"New and stirring things are belittled because if they are not
belittled, the
humiliating question arises, 'Why then are you not taking part in
them?'"
--H. G. Wells
_______________________________________________
Rife-users mailing list
Rife-users@uwyn.com
http://lists.uwyn.com/mailman/listinfo/rife-users
--
Geert Bevin
Uwyn "Use what you need" - http://uwyn.com
RIFE Java application framework - http://rifers.org
Music and words - http://gbevin.com
_______________________________________________
Rife-users mailing list
Rife-users@uwyn.com
http://lists.uwyn.com/mailman/listinfo/rife-users
------------------------------------------------------------------------
-------------------
David HM Spector
spector (at) zeitgeist.com
http://www.zeitgeist.com/
voice: +1 631.261.5013 fax:
+1 212.656.1443
~ ~ ~
"New and stirring things are belittled because if they are not
belittled, the
humiliating question arises, 'Why then are you not taking part in
them?'"
--H. G. Wells
_______________________________________________
Rife-users mailing list
Rife-users@uwyn.com
http://lists.uwyn.com/mailman/listinfo/rife-users
