cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Redirect login to FormLogin

SOLVED

Re: Redirect login to FormLogin

Here is the code of the Authenticator.

Basically, whenever you are pressing the Login button in the browser, It will execute the Method Authenticate.

In there, you basically implement your logic to authenticate. In this code, if either the user or the password is empty, it throws an error. In the Catch block, it's setting redirect to true and setRequiresChallenge to true (which will execute the method IssueAuthenticationChallenge). In that method, if redirect is true, then it redirects the user to formLogin....

If the user is good then continue to the home mashup set in the organization.

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import com.thingworx.common.SharedConstants;

import com.thingworx.security.authentication.AuthenticationUtilities;

import com.thingworx.security.authentication.AuthenticatorException;

import com.thingworx.security.authentication.CustomAuthenticator;

import ch.qos.logback.classic.Logger;

public class LoginAuthenticator extends CustomAuthenticator {

    private String user; 

    private String requestUrl; 

    private String password; 

    private boolean isFormLogin; 

    private boolean isRedirect;

public LoginAuthenticator() {

        user = null; 

        requestUrl = null; 

        password = null; 

        isFormLogin = true; 

        isRedirect = false; 

}

@Override

    public boolean matchesAuthRequest(HttpServletRequest httpRequest) 

            throws AuthenticatorException 

        { 

            requestUrl = httpRequest.getRequestURL().toString(); 

            if((!requestUrl.contains("action-login")) & (!requestUrl.contains("FormLogin"))) 

            { 

                isFormLogin = false; 

                isRedirect = true; 

                setRequiresChallenge(true); 

            } else 

            if(requestUrl.contains("action-login")) 

            { 

                user = httpRequest.getParameter("thingworx-form-userid"); 

                password = httpRequest.getParameter("thingworx-form-password"); 

            } 

            return true; 

        } 

      

@Override

   public void authenticate(HttpServletRequest httpRequest, HttpServletResponse httpResponse) 

        throws AuthenticatorException 

    { 

        try {

if(user.isEmpty() || password.isEmpty()){

getApplicationLogger().error("The username or password is empty");

throw(new AuthenticatorException("The username or password is empty"));

}

AuthenticationUtilities.validateCredentials(user, password);

            setCredentials(user, password); 

AuthenticationUtilities.getSecurityMonitorThing().fireSuccessfulLoginEvent("<a valid account with rights to the Mashup>", SharedConstants.EMPTY_STRING);

} catch (Exception e) {

// TODO Auto-generated catch block

isRedirect = true;

super.setRequiresChallenge(true);

e.printStackTrace();

}

    } 

@Override

   public void issueAuthenticationChallenge(HttpServletRequest httpRequest, HttpServletResponse httpResponse) 

        throws AuthenticatorException 

    { 

        if(isRedirect) 

        { 

            String urlString = "/Thingworx/FormLogin/Everyone";//replace with your own organization 

            try 

            { 

                httpResponse.sendRedirect(urlString); 

            } 

            catch(IOException e) 

            { 

                e.printStackTrace(); 

            } 

        } 

    } 

}