Basic Authentication

[Andy Flury <an...@yahoo.com>]

hi,
 
In case anyone is interested, there is an easy way to implement a Basic
(WWW) Authentication for jetspeed. To do this, you have to follow these
steps:
 
1) Login Class
 
package com.mycompany.modules.screens;
 
import org.apache.turbine.modules.screens.VelocityScreen;
import org.apache.turbine.util.RunData;
 
public class Login extends VelocityScreen {
 
 protected void doBuildTemplate(RunData data) throws Exception {
  
  data.getResponse().setHeader("WWW-Authenticate", "Basic
realm=\"Jetspeed\"");
  data.getResponse().setStatus(401);
 }
}
 
2) LoginAction Class
 
package com.mycompany.modules.actions;
 
import org.apache.jetspeed.modules.actions.JLoginUser;
import org.apache.jetspeed.services.rundata.JetspeedRunData;
import org.apache.jetspeed.util.Base64;
import org.apache.turbine.modules.ActionEvent;
import org.apache.turbine.util.RunData;
 
public class LoginAction extends ActionEvent {
 
 public void doPerform(RunData rundata) throws Exception {
  JetspeedRunData data = (JetspeedRunData)rundata;
 
  String header = data.getRequest().getHeader("Authorization");
 
  if (header != null) {
   
   String auth = header.substring(6);
   String dec = Base64.decodeAsString(auth);
   int colon = dec.indexOf(":");
   data.getParameters().add("username", dec.substring(0, colon));
   data.getParameters().add("password", dec.substring(colon + 1));
 
   (new JLoginUser()).doPerform(rundata);
  } else {
   
   data.setScreenTemplate("Login");
  }
 }
}
 
3) Login Hyperlink in top.vm
 
<a href="$jslink.setAction("LoginAction")"
style="font-size:10">$l10n.USERFORM_LOGIN</a>
 
4) change screen/html/Login.vm
 
replace the code inside the Login.vm with the code of the Home.vm. (So
you have same code twice, once inside Home.vm and once inside Login.vm)
 
 
I don't know, if this would be a good idea to place into the next
version of jetspeed and give the administrator the choice between
form-based-authentication and basic-authentication
 
Regards,
Andy