name | type | description | default |
---|---|---|---|
successPage |
text |
The path the user is forwarded to after a successful login |
|
digestMaxValidity |
int |
the maximum validity of a login digest in minutes |
|
mailFrom |
text |
the sender address for e-mails send during password retrieval |
|
enableDeeplinks |
boolean |
set to true to forward the user to the originally requested page |
|
This is the default login mechanism requiring a user name and a password. Both are managed in the appNG manager application.
The digest login offers a digest based authentication.
External applications that do know about a the shared secret can use this to generate a parameterized URL that automatically signs in the user. Therefore a digest of the following form is needed:
{user}|{yyyyMMddHHmmss}|{utc-offset}|{hash}
.
Example:
admin|20160114120555|+01:00|1D87C8A5E738BD3015AC57F2D9B862A5
The {hash}
is a MD5 hash of {user}|{timestamp}|{utc-offset}|{shared-secret}
, where {shared-secret}
comes from the platform property sharedSecret
.
To enable digest-login, you have to set the following site properties:
-
authApplication
=appng-authentication
-
authLoginPage
=digestlogin
-
authLoginRef
=login
A valid digest login URL looks like
You can also parameterize a deep-link with the digest
parameter:
http://localhost:8080/manager/site/application/page/action/1?digest=johndoe|20160114121044|%2B01%3A00|1D87C8A5E738BD3015AC57F2D9B862A5
Note that the digest parameter needs to be URL encoded.
Tip
|
If http://localhost:8080/manager/site/appng-authentication/digestlogin?digest=johndoe|20160114121044|%2B01%3A00|1D87C8A5E738BD3015AC57F2D9B862A5 Also note that it’s not possible to do a deep link to another application |
This login method uses Microsoft NTLM to sign in a user with it’s windows domain account. It requires the WAFFLE Authentication Framework to be installed and configured properly. Note that both the appNG server and also the client machines must be running under Microsoft Windows.