My favorites | Sign in
Project Logo
Project Home
  
Downloads
  
Wiki
  
Issues
  
Source
    
Search
for
Updated Aug 11, 2009 by soundasleep
Labels: EndUser
LoginHandler  
A component which enforces session-based authentication.

Introduction

A Login Handler is a component which implements basic security for a Session. Any page within a Session that also contains a Login Handler will be secured with the handler. Simply place the Login Handler within a Session for it to take effect.

Incoming Parameter Wires will represent the necessary information for logging in.

The "login" outgoing wire will represent what to do when a login is successful; for example, this may navigate to a "login is successful" page.

The "logout" outgoing wire will represent what to do when a logout is successful; for example, this may navigate back to a home page, or a "logout is successful" page.

The outgoing Set Wire represents what model element will be updated with the current session.

Technical Details

A Login page will be generated, which will contain a form with all the fields that the user may need to complete in order to access the session. For example, a secret key handler will generate a login form with a single text field (the key); a domain instance handler will generate text fields for each parameter connected towards it.

A Logout page will be generated, which will invalidate the current login handler session information.

Any Page that contains a Login Handler will have its access EventTrigger connected to a check key or check instance operation. This operation will make sure that the current session has a valid key or instance; if not, it will redirect to the login page.

Secret Key

Description Controls authentication and access to pages, authenticated with a single key.
Model LoginHandlerKey.iaml
Inference Tests LoginHandlerKey.java
Runtime Tests LoginHandlerKey.java

The incoming Parameter Wire can be any data source, such as a static value or an ApplicationElementProperty. The Set Wire should connect to an ApplicationElementProperty, which will represent the current sessions' secret key.

Only one incoming secret key parameter is supported at the moment.

Domain Instance

Description Controls authentication and access to pages, authenticated with a domain instance.
Model LoginHandlerInstanceComplete.iaml
Inference Tests LoginHandlerInstanceMultiple.java
Runtime Tests LoginHandlerInstanceComplete.java

Authentication with this login handler will only be true if the given DomainInstance exists. This is an easy way to select for users in a database.

The incoming Parameter Wire can be any attribute in a Domain Object, although they should all belong to the same object (not yet enforced). The Set Wire should connect to a Domain Object Instance, which will represent the current sessions' selected instance.

Any number of incoming attribute parameters are supported.


Sign in to add a comment
Hosted by Google Code