Hello Florian,
you might want to ask this question on the jetty mailing list as this seems to be not really specific to BaseX. You most likely also will get a more useful response as we are no jetty experts per se. However, I also couldn't find any HashLoginModule in our default jetty.xml (and I did a quick google search and could find anything), so I am not really sure what you actually do. Might be useful to post the relevant part of your jetty.xml.
Btw, in our RestXQ-based applications we mainly use application-defined authentication, i.e. we first check the proper login within each output function, so something like:
if(not(_:logged-in())) then () else
where _:logged-in() is simply
declare function _:logged-in() as xs:boolean { boolean(_:id()) };
and we set the session variable during login.
Cheers, Dirk
On 08/26/2013 11:25 AM, Florian Eckey wrote:
Hey,
I have a problem with the jetty authentication. I use the HashLoginModule, which is configured in the jetty.xml. The problem is, that I find no way to write the username in the session, so after login I have no username to deal with. Has anyone solved the same or a similar problem? Or are there any tips how to implement a secure login, after that I can use the entered username in the session?
regards
Florian
BaseX-Talk mailing list BaseX-Talk@mailman.uni-konstanz.de https://mailman.uni-konstanz.de/mailman/listinfo/basex-talk