Skip to Content

(HTTP)Login Service NG: DomainPasswordLoginService

Version 2.1 by wolfgang_glas@iteg_at on 2012-09-20 01.50:51

This describes the design ideas for the next generation of the login service stuff.

Base interface DomainPasswordLoginService

The base interface only provides a login verification API, without any HTTP session handling.

The Java interface is org.clazzes.util.sec.DomainPasswordLoginService from https://svn.clazzes.org/svn/util/trunk/clazzes-util/src/main/java/org/clazzes/util/sec/DomainPasswordLoginService.java

We plan the following implmentations now:

  • org.clazzes.login.http
  • org.clazzes.login.jaas
  • org.clazzes.login.ldap

We will create a new svn repository "login".

For testing:

  • org.clazzes.login.sandbox (Test app to play with the implementations and test the interface in several environments with diverse backends)

Future ideas for implementations:

  • org.clazzes.login.jdbc (Standalone using local Database)
  • If not out of scope: org.clazzes.login.openid (like provided by Wordpress, Google, Facebook, ...)

OSGi wrapper HttpLoginServiceAdapter

The OSGi side exists of one small bundle that listens for providers of the DomainPasswordLoginService interface and exports them adapted as a HttpLoginService (see https://svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java).

Current LoginServices combining login API and HTTP session handling will become obsolete: gwt-jaas-login-service,gwt-ldap-login-service, gwt-http-login-service (https://svn.clazzes.org/svn/gwt/trunk/gwt-*-login-service).

Package for the wrapper: org.clazzes.login.adapter.http

OSGi-bundle/project name: http-login-adapter

URL of exported DomainPasswordLoginServices: /http-login/<login.mechanism>/login