Ceptor Docs

Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

ldap.userattributes

A Session Controller Authentication plugin, is responsible for authenticating a user - it must look up the user information at login and populate the session with it.

...

Code Block
languagejs
titleserver.authenticationplugin.sample
var AuthTypes = Java.type('dk.itp.security.passticket.AuthTypes');
var PTException = Java.type('dk.itp.security.passticket.PTException');
var AuthErrorCodes = Java.type('dk.itp.security.passticket.server.AuthErrorCodes');

var MyPlugin = Java.extend(Java.type('dk.itp.security.authentication.AbstractScriptAuthenticationPlugin'));

var plugin = new MyPlugin() {
    getName: function() {
        return 'Dummy script based authentication plugin';
    },
   
    getAuthenticationType: function() {
        return AuthTypes.AUTHTYPE_DUMMY;
    },
    
    getAuthenticationLevel: function() {
    	return 1;
    },
    
    login: function(usersession, userid, credentials) {
        if (userid === 'test' && credentials == 'password') {
            usersession.userid='Dummy';
            usersession.groups = null;
            usersession.stateVariables = null;
            usersession.isLoggedOn=true;
        } else {
            throw new PTException("Only test user is allowed", AuthErrorCodes.ERROR_INVALIDCREDENTIALS, "Invalid credentials");
        }
    }
}
plugin;

...

Note

Note that when editing these scripts in the Ceptor Console the editor has trouble with the syntax for inheriting from java classes in javascript, so it will indicate errors on the left even if the script is valid.


Extending functionality of existing authentication plugins using scripts

Starting with version 6.2.7 of Ceptor, it is also possible to extend the functionality of other authentication plugins using scripts.

Two new properties are added; script.prelogon and script.postlogon which can contain a script that gets called before and after login has been done using another authentication plugin.

When called, the variable context is an instance of the LogonScriptContext class, containing this information:

Code Block
public class LogonScriptContext {
	/** Session Controller */
	public PTSServer sessionController;
	/** The users session */
	public User session;
	/** The remote client making the login call */
	public Peer peer;
	/** Userid, or null in postlogin script */
	public String userid;
	/** Credentials, or null in postlogin script */
	public Object credentials;
	/** New password, if available, or null in postlogin script */
	public Object newPassword;
	/** Authentication plugin type - see AuthTypes class for details */
	public int authType;
}