[squeak-dev] AL2.0 - authentication
colin at wiresong.com
Mon Jan 21 20:11:17 UTC 2013
On Mon, Jan 21, 2013 at 11:05 AM, Chris Cunnington <
smalltalktelevision at gmail.com> wrote:
> So, near as I can figure it, auth in AL2.0 works something like this .
> I was wondering what was happening to the Relays. They were disappearing.
> It seems to me that they are added to an ALApplication with #addFactory:.
Yeah, I was folding a lot of relays into the main HTTP framework, because
they were doing things that didn't need to be configurable. (Eg, setting
required headers, or ensuring that the HTTP body is encoded the way the
headers say it is).
Also, a new relay pipeline is built for each request, which simplifies
relay implementation. #addFactory: takes a block that creates a relay, not
a relay its self.
> The nifty part looks to be that relays are activated by Notifications. The
> Relay contacts the cache of passwords by means of a Notification. If the
> username/password passes, then the flow of the program is not blocked, and
> it proceeds to ALTerminalRelay. No?
Yes. The idea is that relays are part of the dynamic scope during dispatch
and rendering, so other parts of the application can use Notifications to
communicate with them. Also, they can catch and handle exceptions (eg.
For auth, a resource or component can throw ALUserStipulation which
requests that ALAuthenticationRelay verify that the specified user is
logged in. The relay examines the request for the auth cookie, verifies the
cookie with an authenticator, and if all is well, resumes the exception. If
the auth cookie is absent, or doesn't match the specified user, the relay
shunts the request to a special handler which can answer a 403 response or
redirect to a login form or whatever. (In your example below, "footwo"
should be a block.)
Right now, the only authenticator is ALMemoryAuthenticator, which just
stores usernames and passwords in dictionaries. But the idea is to
implement bindings to external services, which could store things in a
database, do LDAP lookups, OAuth or whatever.
> An authentication addition to AL-Examples-Simple would be great.
> cache := ALMemoryAuthenticator new.
> cache register: 1 username: 'griffle' password: 'plonk'.
> authRelay := ALAuthenticationRelay destination: foo
> authenticator: cache
> shunt: footwo
> app := ALExampleApplication new.
> app addFactory: authRelay.
> (ALServer on: 8624 application: app)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Squeak-dev