Basic Password Authentication Example

The AgreementPartner class you implement can exercise any kind of access control you choose. It can perform straightforward password protection, require payment or provide an interface to an external micro-payment system.

This example shows a very simple implementation of AgreementPartner that provides basic password authentication.

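package com.mycompany.escenic.agreements;

import neo.xredsys.content.agreement.*;

public class PasswordAgreement implements AgreementPartner {
  AgreementConfig config;
  String realm = "Undefined";
  // Maps user name to password, filled from the user.* entries in the .properties file.
  java.util.Map users = new java.util.HashMap();

  public PasswordAgreement() {
    config = new AgreementConfig();
    // Tell the Content Store that this partner needs basic authentication data.
    config.setAuthentication(true);
  }

  // Required by the AgreementPartner interface.
  public AgreementConfig getAgreementConfig() {
    return config;
  }

  // Called by the Content Store to set the realmName property.
  public void setRealmName(String newRealm) {
    realm = newRealm;
  }

  public String getRealmName() {
    return realm;
  }

  // Called by the Content Store once for every element of the mapped property user.
  public void addUser(String user, String password) {
    users.put(user, password);
  }

  public java.util.Set getUsers() {
    return users.keySet();
  }

  // Required by the AgreementPartner interface. Setting the realm on the
  // response rejects the request; leaving it unset grants access.
  public void service(AgreementRequest request, AgreementResponse response) {
    String username = request.getUserName();
    // No user name supplied: reject.
    if (username == null || username.equals("")) {
      response.setBasicAuthenticationRealm(realm);
      return;
    }
    String password = (String) users.get(username);
    // Unknown user, or no credentials supplied: reject.
    if (password == null || request.getCredentials() == null) {
      response.setBasicAuthenticationRealm(realm);
      return;
    }
    // Wrong password: reject.
    if (!password.equals(request.getCredentials())) {
      response.setBasicAuthenticationRealm(realm);
    }
  }
}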

And here is the content of a .properties file that can be used to configure a PasswordAgreement component:

$class=com.mycompany.escenic.agreements.PasswordAgreement

realmName=TestRealm
user.johndoe=johnspassword
user.someone=secret

The first line specifies the class that is to be instantiated, and the following lines contain the values of properties that are to be set. After instantiating the class, the Content Store automatically searches the rest of the file for properties that it can set using the class's methods. In this case it sets realmName by calling PasswordAgreement's setRealmName() method, and fills the users HashMap by calling addUser() for every element of the mapped property user.

For detailed information about the .properties file format, see Configuration File Format.

In addition to these methods that allow instances to be automatically configured by the Content Store, the class contains two other important components:

  • The getAgreementConfig() method, which returns an AgreementConfig instance to the caller. This method is required by the AgreementPartner interface. The AgreementConfig instance is used by the Content Store to determine what items of information the AgreementPartner requires in order to perform authorization. In this example, the AgreementConfig's authentication property is set to true.

      public PasswordAgreement() {
        config = new AgreementConfig();
        config.setAuthentication(true);
      }

    authentication is defined here as meaning basic password authentication, so this setting indicates that the PasswordAgreement requires a realm name, user name and password in order to carry out authentication. AgreementConfig has other methods that you can use to add details of other information required for authorization. If, for example, successful authorization depends on the presence of one or more cookies on the user's computer, you must add this information using the AddCookieName() method - otherwise the service() method won't have access to the cookies.

  • The service() method, which is also required by the AgreementPartner interface. This is the method that carries out the actual authorization:

      public void service(AgreementRequest request, AgreementResponse response) {
        String username = request.getUserName();
        if (username == null || username.equals("")) {
          response.setBasicAuthenticationRealm(realm);
          return;
        }
        String password = (String) users.get(username);
        if (password == null || request.getCredentials() == null) {
          response.setBasicAuthenticationRealm(realm);
          return;
        }
        if (!password.equals(request.getCredentials())) {
          response.setBasicAuthenticationRealm(realm);
        }
      }

    The user's authorization data is passed in as an AgreementRequest object and compared with the user names and passwords in the users property. If no match is found, then the authentication request is rejected by setting the realm property of the AgreementResponse object that was supplied in the response parameter. If this property is not set, then authentication succeeds and the user will be granted access to the protected content. If it is set, then authentication fails and the application will carry out an appropriate action such as displaying a login page.
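The example above keeps passwords in plain text in the .properties file and compares them with String.equals(), which stops at the first differing character. The following added example (not part of the Escenic documentation or API) shows one way to harden the check: the configured value is a salted PBKDF2 hash, the comparison is constant-time, and unknown users cost the same work as known ones. HashedCredentialStore, its method names and the iteration count are assumptions; service() would call verify(username, request.getCredentials()) and set the realm when it returns false, assuming getCredentials() returns the password as a String, as the equals() comparison above suggests.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added example: hypothetical helper class, not part of the Escenic API.
public class HashedCredentialStore {
  private static final int ITERATIONS = 210_000; // assumed work factor; tune for your hardware
  private final Map<String, String> users = new HashMap<>(); // user -> "saltB64:hashB64"
  private final String dummy = encode("placeholder".toCharArray()); // hashed for unknown users
  private static byte[] pbkdf2(char[] password, byte[] salt) {
    try {
      PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, 256);
      return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    } catch (GeneralSecurityException e) {
      throw new IllegalStateException(e);
    }
  }
  // Produces the value to configure in place of the plaintext password.
  public static String encode(char[] password) {
    byte[] salt = new byte[16];
    new SecureRandom().nextBytes(salt);
    Base64.Encoder b64 = Base64.getEncoder();
    return b64.encodeToString(salt) + ":" + b64.encodeToString(pbkdf2(password, salt));
  }
  // Same shape as PasswordAgreement.addUser(), but the value is an encoded hash.
  public void addUser(String user, String encoded) {
    users.put(user, encoded);
  }
  // True only if the user exists and the candidate matches; unknown users cost the same work.
  public boolean verify(String user, String candidate) {
    if (user == null || candidate == null || candidate.isEmpty()) return false;
    String stored = users.get(user);
    String[] parts = (stored != null ? stored : dummy).split(":");
    byte[] expected = Base64.getDecoder().decode(parts[1]);
    byte[] actual = pbkdf2(candidate.toCharArray(), Base64.getDecoder().decode(parts[0]));
    return MessageDigest.isEqual(expected, actual) && stored != null;
  }
  public static void main(String[] args) {
    HashedCredentialStore store = new HashedCredentialStore();
    store.addUser("johndoe", encode("johnspassword".toCharArray())); // constructed sample user
    System.out.println(store.verify("johndoe", "johnspassword"));
    System.out.println(store.verify("johndoe", "wrong"));
    System.out.println(store.verify("nobody", "johnspassword"));
  }
}
```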