Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
This is a new bundle that provides an implementation of forms based authentication for sling.
The login/logout servlets from the org.apache.sling.commons.auth are used.
The AuthenticationHandler will use http basic auth credentials if they are on the request, otherwise it will use the user/pwd posted from the login form.
The login form html is generated by a set of scripts
1. login.html.esp - full login page (includes login_body.html.esp for the form markup)
2. login_body.html.esp - just the login form, which may be useful for drawing the login form for an ajax context
3. loginError.html.esp - full login-error page
4. loginError_body.html.esp - just the login-error form, for login error in ajax context
The above scripts are included as bundle-resources @ /libs/sling/servlet/default
The bundle also has a couple of test scripts to show some examples of usage:
1. loginTest.html.esp - shows who is logged in and links to login or logout
2. loginTest2.html.esp - shows how a script can check permissions and show a login page if the anonymous user doesn't have permission to see the page,
Some examples of usage are:
1. http://host:port/path/to/node.login.html - show the login page and then goto http://host:port/path/to/node after authenticated
2. http://host:port/path/to/node.login.html?s=.edit.html - show the login page and then goto http://host:port/path/to/node.edit.html after authenticated
3. http://host:port/system/sling/logout - invalidate the session and switch back to anonymous user