|
|
Re: Eclipse Scout disable login? [message #1774351 is a reply to message #1774241] |
Fri, 13 October 2017 07:20 |
|
Yes, there are a couple of side effects when you turn on development mode that are not suitable for production use (e.g. disabled caching).
Authentication in Scout is based on plain J2EE security (JAAS). You basically handle authentication in servlet filters, the application itself does not have to deal with it. It just expects to be running in a JAAS security context (Subject.doAs). If you look at your web.xml file, you will see a preconfigured servlet filter. This is the one Benjamin has mentioned. It's located in your project, so you may freely adjust it to your needs. The doFilter() method delegates to one or more "access controlers". One of those is the DevelopmentAccessController, which is responsible for the disabled login screen in development mode (it just creates a JAAS Principal using the current user name). But you may also create your own access controllers.
For your purpose, it may be sufficient to use the AnonymousAccessController that is included in Scout (org.eclipse.scout.rt.server.commons.authentication.AnonymousAccessController).
Regards,
Beat
|
|
|
|
Powered by
FUDForum. Page generated in 0.02912 seconds