Security
The framework provides role-based authentication and authorization, backed either by a users file or by a custom security provider class.
Security providers must be configured; each one defines the login URL, the logout URL, the welcome URL shown after a successful login and the list of protected resources. The default username and password field names are:
_ffead_security_cntxt_username
_ffead_security_cntxt_password
The username and password can be passed as query parameters, form parameters, header parameters or in the Authentication header.
File Based Security
The users file contains the username, password and role of each user, separated by colons:

    sumeet:sumeet:ROLE_USER
    anony:anony:ROLE_ANONYMOUS
(Configuration)
    <app>
        <security>
            <providers>
                <provider name="defProvider" logoutUrl="/logout">
                    <username from="reqparam" name="username"/>
                    <password from="reqparam" name="password"/>
                    <login-handler provider="file:users" path="login.html" />
                    <welcome file="index.html" />
                    <secure path="/public/*" role="ROLE_ANONYMOUS" />
                    <secure path="/rest/*" role="ROLE_USER" />
                </provider>
            </providers>
        </security>
    </app>
Username field = username
Username position = request parameter
Password field = password
Password position = request parameter
The login URL = /login.html
The logout URL = /logout
Welcome File = /index.html
Provider = File (users)
Protected Resources = /public/* and /rest/*
Class Based Security
XML Based
(Header)
    #ifndef DefaultSecurityProvider_H_
    #define DefaultSecurityProvider_H_
    #include <iostream>
    #include <string>
    #include "AuthController.h"

    // Custom provider: the framework calls these three methods.
    class DefaultSecurityProvider : public AuthController {
    public:
        bool authenticate(const std::string& user, const std::string& password);
        std::string getUserRole(const std::string& username);
        bool isInitialized();
    };
    #endif
(Source)
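    #include "DefaultSecurityProvider.h"

    // Sample stub: accepts every username/password pair and prints the password.
    // Replace with a real credential check and keep the password out of the log line.
    bool DefaultSecurityProvider::authenticate(const std::string& username, const std::string& password) {
        std::cout << "Username is " << username << ", Password is " << password << std::endl;
        return true;
    }

    // Sample stub: every user is given ROLE_USER.
    std::string DefaultSecurityProvider::getUserRole(const std::string& username) {
        std::cout << "Username is " << username << std::endl;
        return "ROLE_USER";
    }

    bool DefaultSecurityProvider::isInitialized() {
        return true;
    }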
(Configuration)
    <app>
        <security>
            <providers>
                <provider name="defProvider" logoutUrl="/logout">
                    <username from="reqparam" name="username"/>
                    <password from="reqparam" name="password"/>
                    <login-handler provider="class:DefaultSecurityProvider" path="login.html" />
                    <welcome file="index.html" />
                    <secure path="/public/*" role="ROLE_ANONYMOUS" />
                    <secure path="/rest/*" role="ROLE_USER" />
                </provider>
            </providers>
        </security>
    </app>
Marker Based
(Header)
    #ifndef DefaultSecurityProvider_H_
    #define DefaultSecurityProvider_H_
    #include <iostream>
    #include <string>
    #include "AuthController.h"

    // The marker replaces the XML provider configuration.
    #pragma @SecurityProvider providerName="defProvider" url="/login" welcomefile="index.html" \
        usernamefld="user" usernamefrom="header" passwordfld="pass" passwordfrom="header"
    class DefaultSecurityProvider : public AuthController {
    public:
        bool authenticate(const std::string& user, const std::string& password);
        std::string getUserRole(const std::string& username);
        bool isInitialized();
    };
    #endif
(Source)
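    #include "DefaultSecurityProvider.h"

    // Sample stub: accepts every username/password pair and prints the password.
    // Replace with a real credential check and keep the password out of the log line.
    bool DefaultSecurityProvider::authenticate(const std::string& username, const std::string& password) {
        std::cout << "Username is " << username << ", Password is " << password << std::endl;
        return true;
    }

    // Sample stub: every user is given ROLE_USER.
    std::string DefaultSecurityProvider::getUserRole(const std::string& username) {
        std::cout << "Username is " << username << std::endl;
        return "ROLE_USER";
    }

    bool DefaultSecurityProvider::isInitialized() {
        return true;
    }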
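
As an added example (not code from the ffead-cpp project), here is a provider with the same three methods that verifies credentials against records in the users-file format instead of accepting everything. `AuthControllerStub`, `UsersTableProvider` and `SAMPLE_USERS` are hypothetical names; the stub base class stands in for `AuthController.h` so the block compiles on its own, and passwords are plaintext only because the users-file format above stores them that way.

```cpp
#include <cstddef>
#include <map>
#include <sstream>
#include <string>
// Stand-in for the framework's AuthController (assumed: just the three methods on this page).
struct AuthControllerStub {
    virtual ~AuthControllerStub() {}
    virtual bool authenticate(const std::string& user, const std::string& password) = 0;
    virtual std::string getUserRole(const std::string& username) = 0;
    virtual bool isInitialized() = 0;
};
// Hypothetical provider: checks user:password:role records, fails closed, never logs secrets.
class UsersTableProvider : public AuthControllerStub {
    struct Entry { std::string password, role; };
    std::map<std::string, Entry> users;
    // Compare every byte instead of returning at the first mismatch.
    static bool sameSecret(const std::string& a, const std::string& b) {
        unsigned char diff = a.size() == b.size() ? 0 : 1;
        for (std::size_t i = 0; i < a.size(); ++i)
            diff |= (unsigned char)(a[i] ^ (b.empty() ? 0 : b[i % b.size()]));
        return diff == 0;
    }
public:
    explicit UsersTableProvider(const std::string& records) {
        std::istringstream in(records);
        std::string line;
        while (std::getline(in, line)) {
            std::size_t p1 = line.find(':'), p2 = line.rfind(':');
            if (p1 == std::string::npos || p1 == 0 || p1 == p2) continue;  // need 3 fields
            Entry e = { line.substr(p1 + 1, p2 - p1 - 1), line.substr(p2 + 1) };
            if (!e.password.empty() && !e.role.empty()) users[line.substr(0, p1)] = e;
        }
    }
    bool authenticate(const std::string& user, const std::string& password) {
        std::map<std::string, Entry>::const_iterator it = users.find(user);
        return it != users.end() && sameSecret(password, it->second.password);
    }
    std::string getUserRole(const std::string& username) {
        std::map<std::string, Entry>::const_iterator it = users.find(username);
        return it == users.end() ? std::string() : it->second.role;
    }
    bool isInitialized() { return !users.empty(); }
};
// Constructed sample records in the users-file format shown on this page.
static const char* SAMPLE_USERS = "sumeet:sumeet:ROLE_USER\nanony:anony:ROLE_ANONYMOUS\n";
int main() {
    UsersTableProvider p(SAMPLE_USERS);
    return p.authenticate("sumeet", "sumeet") && !p.authenticate("sumeet", "x") ? 0 : 1;
}
```

An unknown user gets an empty role and a provider with no valid records reports itself as uninitialized, so a broken users table denies access rather than granting it.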