|
Re: Application with and without authentication [message #1860904 is a reply to message #1858018] |
Thu, 07 September 2023 16:35 |
|
Krzysztof Leja wrote on Sat, 11 March 2023 09:341. Does the scout framework allow such a thing and how to best implement it in the code? Are there any examples of such an application
Yes, it should be possible, but it requires some work. I assume you are using Scout Classic. Each request is passed through a series of application-sepcific "access controllers". You can implement this security filter such that it succeeds without any login credentials. This technique is used by the DevleopmentAccessController to make it unecessary to log-in during development on your local machine. The Scout example apps (Widgets, Contacts) also automatically log you in as "anonymous".
See it in action: https://scout.bsi-software.com/contacts/
Source code: https://github.com/bsi-software/org.eclipse.scout.docs/tree/releases/22.0/code/contacts
It should be possible to add your own access controller that can handle both cases. You probably also have to modify the login page (e.g. by adding a "Start without login" button).
Krzysztof Leja wrote on Sat, 11 March 2023 09:34For open access (without logging in), is it possible to somehow disable the automatic session expiration message so that it is only displayed to the logged in user?
In Scout classic, everything you see on the screen has a representation on the UI server. The states of the different windows are organized in sessions. When the session is gone, the UI can no longer react to any user actions. Therefore, we show a popup when this happens. Simply not showing the popup is usually not desirable, because all buttons, menus etc. will not work anymore.
Here are some ideas:
- Increase the session timeout to a very large value. This has the problem that sessions last longer and the server therefore needs more memory.
- Use ScoutJS to implement the application. In this setup, all code is written in JavaScript/TypeScript and is executed in the browser. The UI server is only necessary initially to load the JS/CSS resources. Such an application therefore never expires. Read more about Scout JS in the documentation. You can see it in action here: https://scout.bsi-software.com/jswidgets/
- Use a static website (using any technology, or written by hand) for your non-logged-in users. You can even use it to call REST services on the Scout server. This very much depends on the kind of your application.
Regards,
Beat
|
|
|
Powered by
FUDForum. Page generated in 0.03122 seconds