Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » scout » Scout 7 and validation of credentials on server(Does not work any more)
Scout 7 and validation of credentials on server [message #1768501] Wed, 19 July 2017 13:57 Go to next message
Benjamin Schulte is currently offline Benjamin SchulteFriend
Messages: 34
Registered: December 2016
Member
Hello,

I am updating my application to Scout 7. I am facing an unexpected problem.

I use the FormBasedAccessController to login my users. Of course I do not use the ConfigFileCredentialVerifier, but implemented a verify against the database. For seperation of concerns, the database is only connected from within the server project. So for verifying asgainst it, I followed the normal route to tunnel to server:
I made an implementing class in the server project and an interface for it in the shared project:

@TunnelToServer
public interface IPaCredentialVerifier extends IService, ICredentialVerifier {}


In UIServletFilter, I set this bean as the credential verifier.
m_formBasedAccessController = BEANS.get(FormBasedAccessController.class)
				.init(new FormBasedAuthConfig().withCredentialVerifier(BEANS.get(IPaCredentialVerifier.class)));


This worked well in Scout 6. However, Scout Oxygen does not tunnel the call to the server.
org.eclipse.scout.rt.shared.servicetunnel.AbstractServiceTunnel - No UserAgent set on calling context; include default in service-request - MDC[]
org.eclipse.jetty.server.HttpChannel - /auth - MDC[]
java.lang.NullPointerException: null
	at org.eclipse.scout.rt.shared.servicetunnel.http.HttpServiceTunnel.tunnel(HttpServiceTunnel.java:226)
	at org.eclipse.scout.rt.shared.servicetunnel.AbstractServiceTunnel.invokeService(AbstractServiceTunnel.java:50)


HttpServiceTunnel line 226:
    final IFuture<ServiceTunnelResponse> future = Jobs
        .schedule(remoteInvocationCallable,
--->            Jobs.newInput().withRunContext(RunContext.CURRENT.get().copy())
                .withName(createServiceRequestName(requestSequence))
                .withExceptionHandling(null, false)) // do not handle uncaught exceptions because typically invoked from within a model job (might cause a deadlock, because ClientExceptionHandler schedules and waits for a model job to visualize the exception).


So I assume this is because the user is not logged in and perhaps the RunContext is not set up. After a login with AnonymousAccessController, the tunnel is working.

However, I don't know how to solve this problem: I don't see the changes on the code between Scout 6 and 7 that are causing it. Besides, the approach with verifying the credentials on the server, not on the client site feels correct and I think I am not the only one doing so.

So, how can I achieve this in Scout 7? How are you doing this?
Re: Scout 7 and validation of credentials on server [message #1768576 is a reply to message #1768501] Thu, 20 July 2017 07:52 Go to previous messageGo to next message
Paolo Bazzi is currently offline Paolo BazziFriend
Messages: 17
Registered: January 2017
Junior Member
Hi Benjamin

Verifying the credentials on the server is the correct way to go! If you call a backend service from your credential verifier implementation, you need to setup a run context and a subject. Have a look at my reply to this question, there is a very simple example how to do this: https://www.eclipse.org/forums/index.php/m/1758113/

Cheers,
Paolo


Re: Scout 7 and validation of credentials on server [message #1768610 is a reply to message #1768576] Thu, 20 July 2017 14:56 Go to previous messageGo to next message
Benjamin Schulte is currently offline Benjamin SchulteFriend
Messages: 34
Registered: December 2016
Member
Thank you - my fault, I did not expect someone already asked the very same question even with the same stacktrace.

It works now. :-)

I think the RunContexts need some more documentation. I must confess I did not get them entirely. Fortunately nevertheless most of the times everything works as intended.
But I also did not find any information what has changed to 6.1 causing this not to work anymore.
Re: Scout 7 and validation of credentials on server [message #1768620 is a reply to message #1768610] Thu, 20 July 2017 16:02 Go to previous message
Paolo Bazzi is currently offline Paolo BazziFriend
Messages: 17
Registered: January 2017
Junior Member
Hi Benjamin

There's a chapter about RunContext in the technical documentation: http://eclipsescout.github.io/7.0/technical-guide.html#runcontext

Cheers,
Paolo
Previous Topic:SmartField and Lookup call
Next Topic:[Oxygen] Webservices with Apache CXF don't build anymore
Goto Forum:
  


Current Time: Mon Nov 19 01:42:38 GMT 2018

Powered by FUDForum. Page generated in 0.02725 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top