You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@ofbiz.apache.org by Michael Imhof <mi...@nowhow.ch> on 2007/09/20 08:29:05 UTC

Accessing authentication information

The OFBIZ technique to secure external calls is to add "login.username" and
"login.password" to 
the parameters. But we don't want to add this additional parameters to every
call.

Our .NET client, wich is calling the OFBIZ webservices, is adding
username/password as credentials 
to the call (like it's common for basic authentication).

Serverside (OFBIZ) I would like to extract this additional information
(username/password) and
check OFBIZ authorization (via userlogin).
Searching the web, we should do this in the ControlServlet accessing the 
       MessageContext.getCurrentContext();
but this call returns <null>.

Does somebody has an idea how to access this information?

Regards,

Michael
-- 
View this message in context: http://www.nabble.com/Accessing-authentication-information-tf4485639.html#a12791600
Sent from the OFBiz - User mailing list archive at Nabble.com.

Re: Accessing authentication information

Posted by Michael Imhof <mi...@nowhow.ch>.

Redirect to this post:
http://www.nabble.com/Using-Basic-Authentication-with-OFBIZ-tf4487032.html


Michael Imhof wrote:
> 
> The OFBIZ technique to secure external calls is to add "login.username"
> and "login.password" to 
> the parameters. But we don't want to add this additional parameters to
> every call.
> 
> Our .NET client, wich is calling the OFBIZ webservices, is adding
> username/password as credentials 
> to the call (like it's common for basic authentication).
> 
> Serverside (OFBIZ) I would like to extract this additional information
> (username/password) and
> check OFBIZ authorization (via userlogin).
> Searching the web, we should do this in the ControlServlet accessing the 
>        MessageContext.getCurrentContext();
> but this call returns <null>.
> 
> Does somebody has an idea how to access this information?
> 
> Regards,
> 
> Michael
> 

-- 
View this message in context: http://www.nabble.com/Accessing-authentication-information-tf4485639.html#a12795559
Sent from the OFBiz - User mailing list archive at Nabble.com.