I started using scout a week ago, and i am really liking it! I have a java background and not a Servlet background. I have some problems understanding the security filtering with JAAP.
The thing i want to do is when the client starts it must ask for a username and a password. This username and password have to be checked against the database and a user is logged in (setting the correct permissions).
I am running into trouble when i set the DataSourceSecurityFilter. Either the login box is not showing or nothing happens at al. I have the following code present:
org.eclipse.scout.http.servletfilter.security.DataSourceSecurityFilter#selectUserPass=SELECT LOWER(NAME) FROM MYAPP_USERS WHERE LOWER(NAME)=? AND PASSWORD=?
So to formulate my questions better:
1: How do i insert the username and password at the ? places in the above code? (or should the ? sign work just fine?)
2: How can i prompt for the login screen every time i try to login over RAP (clearing cache or something?)
3: Is there an easier way to login to scout, like having the security check on the client side?
Are you following the wiki documentation at http://wiki.eclipse.org/Scout/Concepts/Security? Does it work with the basic security filter? Is there anything in the server or client output indicating an error? Does the DB file exist? Are jdbcUsername and jdbcPassword correct? Do you have a table called MYAPP_USERS with the columns NAME and PASSWORD in your database?
Regarding your first question: Yes the question marks should work just fine as placeholders.
So many questions so few answers...
Thanks for you reply. I have been struggeling today to get it working again, and i succeeded. The thing i did wrong (i guess) is stat in the plugin.xml i specified that the DataSourceSecurityFilter is at location 40. I had no clue what this was at the time, so i didn't pay attention to it. However for all people having the same issues as me it is important. You have to place the block of code one whitespace below the AnounymousSecurityFilter and set all other filters to false.
I found out a second thing about this problem, if you want this working for you RAP target you should do exactly the same in the config.ini of the RAP target and the plugin.xml.