Yaacfi is an authentication, authorization and access control filter
for J2EE web applications. The filter loosely emulates J2EE servlet
container role-based security, with some extensions. It makes it easy
to implement login procedures for much more complicated user
interaction schemes than the standard container-based security form login procedure.
Such schemes are required to provide cookie login, OpenID login,
explicit login, etc. The filter is completely compatible with Struts.

The following terms are used in the documentation:
- Explicit login procedure occurs when a user clicks a "login"
link on the site.
- Login on demand procedure occurs when a user who has not logged in
tries to access any protected resource on the site. In this case,
the system resumes the operation that required the authorization after
the user has authenticated successfully, provided the user has enough permissions.
The case where a user submits an unprotected form to a protected
action handler with the HTTP POST method is especially interesting to implement.
- Cookie (non-interactive) login occurs when a user has
enough information in the cookies to be authenticated without any
interaction. The filter provides special support
to simplify cookie login implementation (see SavedLoginHandler).
- OpenID login
requires the authentication system to redirect the user's browser to a third-party
web site which, after the authentication there (successful or not), redirects the user's
browser back to the host that required the authentication. Of course, OpenID login
can also be "on demand" or explicit.

The explicit login procedure can be implemented with Ajax technology (see
AjaxLoginPeer).
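
The login on demand case described above, including a POST to a protected handler, sketched as a plain servlet filter. This is an added example, not Yaacfi's own code or API: the class name, the session attribute names and the `/login` path are assumptions, and it assumes the Servlet 3.0+ `javax.servlet` API and a login handler that sets the `demo.user` attribute and then redirects the browser to the saved path.

```java
import java.io.IOException;
import java.io.Serializable;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
// Added illustration, not Yaacfi code. Attribute names and /login are assumptions.
// Map this filter to protected URLs only; /login must stay outside the mapping.
public class LoginOnDemandFilter implements Filter {
    static final String USER = "demo.user";       // set by the login handler
    static final String PENDING = "demo.pending"; // operation awaiting login
    static final class Pending implements Serializable {
        final String method, path;
        final HashMap<String, String[]> params;   // includes POSTed form fields
        Pending(HttpServletRequest r) {
            method = r.getMethod(); path = r.getRequestURI();
            params = new HashMap<>(r.getParameterMap());
        }
    }
    public void init(FilterConfig c) {} public void destroy() {}
    public void doFilter(ServletRequest rq, ServletResponse rs, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) rq;
        HttpSession s = req.getSession(true);
        if (s.getAttribute(USER) == null) {       // not logged in: save, then ask
            s.setAttribute(PENDING, new Pending(req));
            ((HttpServletResponse) rs).sendRedirect(req.getContextPath() + "/login");
            return;
        }
        final Pending p = (Pending) s.getAttribute(PENDING);
        s.removeAttribute(PENDING);               // a saved operation is used once
        if (p != null && p.path.equals(req.getRequestURI()))
            req = replay(req, p);                 // only on the saved path
        chain.doFilter(req, rs);                  // permission checks run downstream
    }
    // Presents the post-login GET to the handler as the original request.
    static HttpServletRequest replay(HttpServletRequest req, final Pending p) {
        return new HttpServletRequestWrapper(req) {
            @Override public String getMethod() { return p.method; }
            @Override public Map<String, String[]> getParameterMap() { return p.params; }
            @Override public String[] getParameterValues(String n) { return p.params.get(n); }
            @Override public String getParameter(String n) {
                String[] v = p.params.get(n);
                return v == null || v.length == 0 ? null : v[0];
            }
            @Override public Enumeration<String> getParameterNames() {
                return Collections.enumeration(p.params.keySet());
            }
        };
    }
}
```

The resume target is kept in the server-side session rather than in a request parameter, so the client cannot steer the post-login redirect to another site, and the saved operation is dropped if the first authenticated request goes to a different path.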