[Helma-user] Custom authentication problems
Florian Hänel
Florian.Haenel at rrze.uni-erlangen.de
Sun Apr 8 17:42:48 CEST 2007
Hello,
I have added a rudimentary single sign on (based on Internet2 Shibboleth)
support to antville (I'm posting here because the antville mailing lists seem
to be dead), by checking for specific http-headers in the Global/autologin
function which is called by HopObject.onRequest.
The authentication works for the antville main page at /antville/, however, if
I try to access a blog, say /antville/someblog/ it doesn't seem to work
anymore. I can't tell if the session isn't valid anymore and it fails to
create a new one in autologin, or if autologin is called at all.
Here's the code I added to autologin:
function autoLogin() {
if (session.user) return;
var u;
var name=req.data['shib-person-uid'];
if(name && name.length>0)
{
u = root.users.get(name);
if(!u)
{
u = app.registerUser(name, "foo");
if (!u) throw new Exception("memberExisting");
u.email = req.data['shib-inetorgperson-mail'];
u.publishemail = false;
u.registered = new Date();
u.blocked = 0;
}
session.login(u);
session.data.shib=true;
u.lastVist=new Date();
return
}
(...)
Please note, that I added the additional http headers to the helma source, so
they work just fine.
Thanks in advance,
--Florian
More information about the Helma-user
mailing list