Change the Secure.java class in the replay structure

Question

Change the Secure.java class in the replay structure

Is it desirable to make changes to the methods of the security class of the Secure class? Or is there a way around this?

+4

security playframework

developer_joe Jul 12 '11 at 9:45

source share

3 answers

It is better to extend the security class (as mentioned in Zenklys) and override the methods that interest you. Check Play secure document. Having said that, nothing prevents you from modifying the Secure class itself, but you need to reflect the changes every time you update Play.

UPDATE

If you want to have your own login page, just create it, just create the "Safe" folder in the application viewing folder and add your "login.html" to it. that is, you are actually redefining the default secure module module login page.

+5

sojin Jul 12 '11 at 9:51

source share

Despite the fact that play advises you to extend the security class (and override the login.html page by issuing a secure command: override -login) ... I preferred to actually modify the protected module itself, because I could not do everything I wanted to expand it . So here is an alternative solution that works better for me and gives me less problems in general. I am using play 1.2.4

Copy the “protected” folder of the module from the playback environment to the / modules folder (replacing the text file with “safe” if there is one)
Remove "require play → secure" from dependencies.yml
Comment this line in application.conf # module.secure = $ {play.path} / modules / secure (or change it to module.secure = modules / secure if this does not work)
$ play dependencies

0

user1187534 May 24, '13 at 15:22

source share

i.am.michiel · Accepted Answer · 2011-07-12T09:54:27+0000

Secure.class not . Security.class yes .

Make changes to Secure.class. No, usually, in most cases this should be normal. But you have to extend the Security class. There are several methods in this class that need to be overridden to suit your application.

 static boolean authenticate(String username, String password); static boolean check(String profile); static String connected(); static void onAuthenticated(); static void onDisconnect(); static void onDisconnected();

EDIT: After reading all the comments and understanding Joe's real need, here is part of the solution.

Create a regular login page. You can do this by adding a protected dependency to your dependencies.yml file. (Also run play dependencies )
Extends Security to override authentication method.
Also override the onAuthenticate method to redirect to the yuor select page using redirect()
Create a new loginbox.html tag in the tags folder. The code is inserted below.
Use the loginbox tag on your home page: #{loginbox /}

It means:

You will have a login window on the main page.
When users authenticate, they will be redirected to the page of your choice.
If the login fails, they will be redirected to the login page and will see errors there.

loginbox.html

 #{form @authenticate()} <label>Login</label> <input type="text" name="username" maxlength="80"/> <label>Password</label> <input type="password" name="password" maxlength="80"/> <input type="submit" class="rounded" value="Se connecter" /> #{/form}

Change the Secure.java class in the replay structure

loginbox.html

More articles: