Authentication into legacy system

yoanq · 2017-01-16 17:07:53

Hi ab,

We are trying to introduce Mormot in our legacy system. To do this we must address the issue of authentication. We have our own tables that are similar to those generated by TSQLAuthUser but excluding some fields. We don't have fields GROUPRIGHTS and DATA. There is a way to define the desired structure without having to modify the class bases of Mormot?

ab · 2017-01-16 17:20:59

First read https://synopse.info/files/html/Synopse … #TITLE_538

Then https://tamingthemormot.wordpress.com/2 … word-hash/

Then define your own authentication class, or even set the OnAuthenticationUserRetrieve event handler to return a "fake" TSQLUser, created on the fly from your legacy system information.
See https://synopse.info/files/html/api-1.1 … C_68DB10E9

yoanq · 2017-01-16 18:21:22

I would need to implement 3 things
A descendant class of TSQLRestServerAuthenticationDefault implementing CheckPassword. Used for authentication in the server.
A descendant of TSQLAuthUser and implement ComputeHashedPassword.
Implement OnAuthenticationUserRetrieve to return the data of my users.

It's that correct?

ab · 2017-01-16 18:59:40

If you implement CheckPassword, ComputeHashedPassword may not be mandatory.

yoanq · 2017-01-16 19:22:32

If it does match the Database structure would only be necessary to implement ComputeHashedPassword?

ab · 2017-01-16 20:26:01

It depends how the password is hashed.

yoanq · 2017-01-16 20:34:34

Using MD5, not SHA256

mORMot Open Source

#1 2017-01-16 17:07:53

Authentication into legacy system

#2 2017-01-16 17:20:59

Re: Authentication into legacy system

#3 2017-01-16 18:21:22

Re: Authentication into legacy system

#4 2017-01-16 18:59:40

Re: Authentication into legacy system

#5 2017-01-16 19:22:32

Re: Authentication into legacy system

#6 2017-01-16 20:26:01

Re: Authentication into legacy system

#7 2017-01-16 20:34:34

Re: Authentication into legacy system

Board footer