According to this old post (2009),
http://www.digitalkingdom.org/rlp/tiki-index.php?page=Learning+About+Weblocks#What_About_with-flow_and_yield_

and after some reading of this forum, I wrote a CAS <http://www.jasig.org/cas> SSO 
login widget.

My widget acts as a really simple CAS client (it only supports the v1 protocol: 
http://www.jasig.org/cas/protocol)

The CAS widget stores the user uid received from the CAS server,
and the "protected" widgets tree.

The main point is the render-widget-body method:
if the user is authenticated then the private widgets tree is rendered.
If not, the login action is used.

Is it always the right way to protect private contents?

The code:

;; CAS server location and the service URL this application registers with it.
(defparameter *cas-server* "localhost")
(defparameter *cas-server-port*  "9443")
(defparameter *cas-server-login-uri* "/cas/login?service=")
(defparameter *cas-server-validate-uri* "/cas/validate?service=")
(defparameter *cas-service* "http://localhost:8080")


(defwidget cas-client-widget ()
  ((user-uid :accessor cas-user-uid
             :initarg :user-uid
             :initform nil)
   (child-widget :accessor cas-child-widget
                 :initarg :child-widget )))

(defmethod render-widget-body ((obj cas-client-widget) &rest args)
  (declare (ignore args))
  (let ((uid (or (cas-user-uid obj)
                 (validate-cas-ticket-service (get-cas-ticket-service)))))
    (if uid
        (progn
          (setf (cas-user-uid obj) uid)
          (render-widget (cas-child-widget obj)))
        (do-cas-login))))

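(defun do-cas-login ()
  ;; Send the browser to the CAS login page; CAS redirects back to
  ;; *cas-service* with a "ticket" request parameter.
  (redirect (concatenate 'string
                         "https://"
                         *cas-server*
                         ":"
                         *cas-server-port*
                         *cas-server-login-uri*
                         *cas-service*)))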

(defun get-cas-ticket-service ()
  (request-parameter "ticket"))

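(defun validate-cas-ticket-service (ticket-service)
  ;; Ask the CAS server whether TICKET-SERVICE is valid for *cas-service*.
  ;; Returns the user uid on a "yes" answer, NIL otherwise.
  (if ticket-service
      (with-input-from-string
          (str (babel:octets-to-string
                (drakma:http-request
                 (concatenate 'string
                              "https://"
                              *cas-server*
                              ":"
                              *cas-server-port*
                              *cas-server-validate-uri*
                              *cas-service*
                              "&ticket="
                              ;; The ticket comes from the request, so encode it
                              ;; before putting it into the query string.
                              (drakma:url-encode ticket-service :utf-8))
                 ;; Always get octets back, whatever the content type.
                 :force-binary t)))
        (if (string= (read-line str nil) "yes")
            (read-line str nil)
            nil))
      nil))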

Best regards.

Fred.
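
An added example, not part of the post above and not Weblocks code: a stricter parser for the CAS v1 /validate body that validate-cas-ticket-service reads. The function names and the sample bodies are constructed for illustration; it returns a uid only for a well-formed two-line "yes" response, so an empty user line, CRLF line endings or trailing data are handled explicitly.

```lisp
;;; Hypothetical helpers, portable Common Lisp, no libraries needed.

(defun split-lines (text)
  "Split TEXT on newlines, dropping a trailing CR from each line."
  (with-input-from-string (in text)
    (loop for line = (read-line in nil nil)
          while line
          collect (string-right-trim '(#\Return) line))))

(defun parse-cas-v1-response (body)
  "Return the user id for a well-formed CAS v1 \"yes\" response, else NIL.
A v1 success body is exactly two lines: \"yes\" and the user name."
  (let ((lines (split-lines body)))
    (when (and (= (length lines) 2)
               (string= (first lines) "yes")
               ;; An empty string is true in Lisp, so reject it explicitly.
               (plusp (length (second lines)))
               (every #'graphic-char-p (second lines)))
      (second lines))))

;; Constructed sample bodies, not captured from a real CAS server.
(defparameter *sample-bodies*
  (list (format nil "yes~%alice~%")                          ; normal success
        (format nil "yes~C~%alice~C~%" #\Return #\Return)    ; CRLF endings
        (format nil "no~%~%")                                ; normal failure
        (format nil "yes~%~%")                               ; "yes", empty user
        "yes"                                                ; truncated body
        (format nil "yes~%alice~%extra~%")))                 ; trailing data

(dolist (body *sample-bodies*)
  (format t "~S -> ~S~%" body (parse-cas-v1-response body)))
```

Only the first two sample bodies yield a uid; a bare (read-line str nil) would instead return "" for the "yes" with empty user case, and "" counts as true in the widget's (if uid ...) test.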
