#1 2017-02-20 05:48:59

Mane
Member
Registered: 2017-02-20
Posts: 15

Is subclassing TSQLRestServerAuthenticationDefault the right choice?

Hi folks,

Still getting aquinted with the Framework, and the documentation and this forums have proven very valuable.

I've hit an obstacle and I yet to find a workaround...

I using the mORMot framework to implement a REST web server (without the ORM part), so I choose TSQLRestServerFullMemory class as a starting point and is working fine so far.

I've reached a point where I want to implement authentication and would like to use then approach on TSQLRestServerAuthenticationDefault, but would like to control the database against where the user/password is checked.

After the first handshake is done and the client respond with the complete URI, I have added an additional parameter "AppCtx" that tells me which database should I be checking against.

Sample URI...

http://localhost:888/root/auth?UserName=User&PassWord=fa8ae08c4e3210e7cc9b13b5b2a7188cddb405cc1323f7003084f785fa35c549&ClientNonce=5E54D885B8664725990EE78CC976C1E5&AppCtx=DEV01

On the server side I though it would be a matter of just subclassing TSQLRestServerAuthenticationDefault.Auth but I discover the Ctxt.AuthenticationFailed was on protected scope and suddenly things got more complicated, since I would like to overriding as little as posible as to remain "future proof" on the new releases of the framework...

I'm not user if my approach is correct or if I'm missing something obvious...

Would be nice if someone could offer some advice...

Regards,
Mario

Offline

#2 2017-02-20 07:21:57

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,183
Website

Re: Is subclassing TSQLRestServerAuthenticationDefault the right choice?

Did you try TSQLRestServer.OnAuthenticationUserRetrieve?

Offline

#3 2017-02-21 03:21:14

Mane
Member
Registered: 2017-02-20
Posts: 15

Re: Is subclassing TSQLRestServerAuthenticationDefault the right choice?

Thank you Ab, that did the trick... and way much cleaner that my intended approach.

Regards,
Mane

Offline

Board footer

Powered by FluxBB