1. 15 Dec 2011 4:33 AM #1
    Marte
    Marte is offline
    Sencha User
    Join Date
    Jan 2008
    Location
    Tenerife - Canary Islands
    Posts
    25
    Vote Rating
    0
    Marte is on a distinguished road
      0  

    Default Ext.ux.JEEAuth - JEE FORM authentication hook

    Ext.ux.JEEAuth - JEE FORM authentication hook


    The JEE FORM Authentication hook allows you to handle form-based authentication requests from inside AJAX-driven applications, to avoid page reloads. This reduces significantly the overhead of restarting the application. The hook installs automatically, then intercepts all Ext.Ajax requests and asks the user to provide authentication credentials when needed. The authenticated server's response is transparently forwarded to the originating request when the authentication succeeds.

    Please note that this extension is a port of my previous Ext.ux.J2EEAuth, which had support for ExtJs v2.x only.

    Usage:
    • Download Ext.ux.JEEAuth library and samples from github, at https://github.com/dmlambea/Ext.ux.JEEAuth.
    • Include jeeauth.js after all Ext libraries, then any desired customization (refer to the provided examples and README for details).
    • Make sure your servlet / RESTful / WebService / web application is ready to send back the authRequest.json-alike file as in FORM-based authentication.

    Supported versions: ExtJS v4.0.x

    Cheers,
    Marte.
    Reply With Quote Reply With Quote
  2. 17 Dec 2012 9:24 AM #2
    jadrake75
    jadrake75 is offline
    Ext JS Premium Member jadrake75's Avatar
    Join Date
    Sep 2008
    Posts
    108
    Vote Rating
    3
    jadrake75 is on a distinguished road
      0  

    Default


    Marte - this is absolutely wonderful. I was able to adapt this for my hobby application that is hosted in Glassfish with form based authentication. A few changes I had to make:
    1. In my development environment, my Ext-JS project is under a different web-app name than my JAX-RS project. I pass this as a relative query parameter to my application and have a JS class to handle this and use this to configure the proxies. As such I had to ensure the same web-app as the server was used for the action of the authentication form.
    2. Instead of just reading the json (which is what I did originally) I instead had it also check for the existence of a 'action="j_security_check"' string and if so set the authentication to true. This allows me to continue to use my nicely formatted HTML login for other applications (or hitting the web services directly from a browser outside of my Ext-JS app).
    3. I had to change the loadMask code to the following since isVisible( ) was returning false even though it was shown. Strangely enough isHidden( ) was returning the proper response.
    Code:
    if( loadMask && !loadMask.isHidden() )
    I will need to modify the login dialog, but that is straight forward. Thanks for working this out.....

    The other strange thing I am seeing.... my JAX-RS services only accept application/json or html/xml, application/xml content types. When I send the credentials to the server with the j_security_check action, it comes back with a 302 "Temporarily Moved" response and it appears the browser is doing a GET using the content type of security POST (which is x-www-form-urlencoded) causing a 415 Unaccepted Content Type to be raised by my webservices (even if I am doing a POST operation) and then immediately the proper POST is fired with the correct content-types (this proper post I believe is coming from the callback rolloff on the Ajax operations). I am not sure where the GET is coming from (as it is not hitting breakpoints in the .js) leading me to suspect it is a browser request. Have you seen this?

    Using EXT 4.1.1

    -Jason
    Stamp Image Bursting Application
    see http://code.google.com/p/stamp-imagebursting/
    Reply With Quote Reply With Quote

Tags for this Thread