This scenario describes how to develop a user logon verifier in a non-portal mode (that is, non-portlet mode), and the user can access the system only after the login verification is passed. Scene Description
When a user accesses a system resource, if there is no login, enter the login page, prompting for the user name and password, and the user name and password Authentication to access the system's resources. The development step confirms that the system is running in non portal mode.
After logging in Governor, select "Configure/http Access" in the menu navigation bar, go to the HTTP access configuration interface, and deselect the portal Mode checkbox as shown in the following illustration.
Filter the URL of the user login and configure the page to jump to when the user fails to log on, as shown in the following figure. Because the user login to the page and login request URL does not need to be authenticated, so you can not be authenticated URL added to the "HTTP Access" Configuration Interface "do not intercept URLs."
The page flow and page of user login are "/com.primeton.samples.security.userlogin.flow" and "/security/userlogin.jsp" respectively. When user logon authentication fails, the page to jump to is "/security/userlogin.jsp", and the page is configured to "jump page without login" in the HTTP Access configuration interface.
Configure managed user data.
Logical flow or operational logic cannot directly access the data in an HTTP session, only the data in the Muo, and the data in Muo is controlled, that is, if users want to access some information, they must configure the objects in Muo property information, otherwise they cannot be accessed.
Click the "Muo" tab, and then click the "Muo Property Information" tab to add the configuration items, as shown in the following figure.
Verify that the user has access to the system (such as when the user has been registered) to create the UserObject object in the page stream, by calling the Onlineusermanager.login (UserObject) method, Save the user object UserObject in session.
The
Explains that EOS uses the Portal mode option in the Configure/http Access feature in Governor to specify whether the user is logged on when accessing pages, page flows. When portal= "true", the user is not verified to log in, when portal= "false", verify the user is logged in, if the user is not logged in, will jump to the user specified login page, the specified login page can also be in governor "Configure/http Access" Features in the configuration. The criteria for determining whether a user is logged in are UserObject objects in both HttpSession and Onlineusermanager. The EOS development version for the default application (Eos-default) is to set the portal to "true", so that the user is not logged in when he or she is developing a new page under the default application and accessing the pages. However, the workflow client or management monitor that uses the default application must first log on from the workflow's login page, or it will throw an exception. And when the session times out, you need to log on again from the workflow's login page to use the workflow's client and management monitoring.