Skip to main content


Eclipse Community Forums

      Home
Home » Eclipse Projects » Eclipse Scout » Eclipse Scout disable login?
Eclipse Scout disable login? [message #1774241] Thu, 12 October 2017 02:50 Go to next message
Eclipse UserFriend
For an internal, productive application a login could be omitted. Is there a sensible way to disable the default scout login?

I have only found the option to set in the config.properties:

### Development
scout.dev.mode=true

This disables the login but maybe brings other, unwished side-effects such as an instable production system.

Re: Eclipse Scout disable login? [message #1774350 is a reply to message #1774241] Fri, 13 October 2017 02:54 Go to previous messageGo to next message
Eclipse UserFriend
Take a look at UiServletFilter.doFilter method.
Re: Eclipse Scout disable login? [message #1774351 is a reply to message #1774241] Fri, 13 October 2017 03:20 Go to previous messageGo to next message
Eclipse UserFriend
Yes, there are a couple of side effects when you turn on development mode that are not suitable for production use (e.g. disabled caching).

Authentication in Scout is based on plain J2EE security (JAAS). You basically handle authentication in servlet filters, the application itself does not have to deal with it. It just expects to be running in a JAAS security context (Subject.doAs). If you look at your web.xml file, you will see a preconfigured servlet filter. This is the one Benjamin has mentioned. It's located in your project, so you may freely adjust it to your needs. The doFilter() method delegates to one or more "access controlers". One of those is the DevelopmentAccessController, which is responsible for the disabled login screen in development mode (it just creates a JAAS Principal using the current user name). But you may also create your own access controllers.

For your purpose, it may be sufficient to use the AnonymousAccessController that is included in Scout (org.eclipse.scout.rt.server.commons.authentication.AnonymousAccessController).

Regards,
Beat
Re: Eclipse Scout disable login? [message #1774371 is a reply to message #1774351] Fri, 13 October 2017 07:46 Go to previous message
Eclipse UserFriend
Thanks for the given information!

Works perfectly.

For others here are more detailed steps I performed on the UiServletFilter:

1) Add field:
private AnonymousAccessController m_anonymousAccessController;

2) Initialize the field in the init method:
m_anonymousAccessController = (AnonymousAccessController.class).init();

3) Add if statement to doFilter method analogue to the other ones:
if(m_anonymousAccessController.handle(req, resp, chain)) {
return;
}

4) Call m_anonymousAccessController.destroy(); in the destroy() method for consistency reasons. (It does nothing).

You are done. :)


If you want to disable this functionality you could specify: scout.auth.anonymous.enabled=false

In the config.properties of the ui.html module.



Previous Topic:Apache - Tomcat forwarding does not work with a scout application
Next Topic:Eclipse Scout
Goto Forum:
  


Current Time: Tue Jul 08 03:25:05 EDT 2025

Powered by FUDForum. Page generated in 1.33389 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly