Yes this is possible. As jcarlos mentioned Servoy embeds Tomcat (%SERVOY_HOME%\application_server\server) so you can configure the embedded Tomcat instance as you normally would for Waffle, ensuring that the Servoy servlets require authentication (by adjusting %SERVOY_HOME%\application_server\server\webapps\ROOT\WEB-INF\web.xml appropriately).
Once Tomcat is configured you can change the login form in your Login solution to a simple splash screen and in onShow() do something like:
- Code: Select all
var username = null;
if (application.getApplicationType() == APPLICATION_TYPES.WEB_CLIENT)
{
/** @type {Packages.org.apache.wicket.protocol.http.WebRequestCycle} */
var reqcycle = Packages.org.apache.wicket.RequestCycle.get();
var request = reqcycle.getWebRequest().getHttpServletRequest();
var principal = request.getUserPrincipal();
if (!principal)
{
// This should never happen if Tomcat is properly configured...
error = "Missing authentication information!";
}
else
{
username = principal.getName();
// now call your authenticator with the pre-authenticated username...
security.authenticate('my_authenticator', 'myAuthenticateMethod', [username]);
}
}
The Servoy authenticator won't validate the credentials since they've been pre-authenticated and can simply call security.login().
If you need to map roles then things are a bit more complicated because JEE APIs don't provide an method to get a list of the roles but you can hack around that by casting the Principal returned above to Tomcat's proprietary GenericPrincipal and call getRoles() on that...