Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Implementation teams can send meaningful error messages to end-users using AJAX calls during user authentication.

For example, let’s assume user ‘terrim’ logs on to Modelhouse application. If the user’s credentials are incorrect or if the user does not have access, a meaningful error message must be displayed to the user.

Perform the following steps to validate session using AJAX:

  1. For the example scenario, in the Index.jsp page, send the AJAX request with the additional param, "AJAX_REQUEST" : "Y“, as shown in the following code snippet:

    function validateUser()
    {
    	var aparams=
    	{
    		"INPUT_ACTION": "SESSIONTEST",
    		"INPUT_FUNCTION_CODE": "VSBLTY",
    		"INPUT_PRODUCT": "CUSER",
    		"INPUT_SUB_PRODUCT": "CUSER",
    		"PAGE_CODE_TYPE": "SESSIONTEST",
    		"PRODUCT_NAME": "CUSER",
    		"AJAX_REQUEST": "Y",
    		"transactionCode":"logn",
    		"ctLoginID":"terrim"
        };
        extAjax(
        {
    		params: aparams,
    		success: function(response)
    		{
    			if(response.JSON_MAP.STATUS == 'failure')
    					alert(response.JSON_MAP.ADDITIONAL_INFO);
    		},
    		failure:function (response,request)
    		{
    			alert("fail");
    		}
    	});
    }
    <input 
        type = "submit" 
        onclick = "validateUser()" 
        name = "commit" 
        value = "LOGIN" 
        class = "login-btn" 
        aria-label = "Click to Login"
    />
  2. Use the forward mapping to use a servlet to forward the AJAX:

    <action-map 
      screenCode = "SESSIONTEST" 
      prodCode = "CUSER" 
      subProdCode = "CUSER" 
      funcCode = "VSBLTY" 
      host = "SESSIONTESTHOST">
        <action-class> com.intellectdesign.app.iquiz.action.TxnAction </action-class>
    </action-map>
  3. Create the Action (Java) class for the logon authentication. The following is a sample for reference:

    package com.intellectdesign.app.iquiz.action;
    import java.util.Map;
    import javax.servlet.http.HttpServletRequest;
    import com.intellectdesign.canvas.action.PortletAction;
    import com.intellectdesign.canvas.common.ReplyObject;
    import com.intellectdesign.canvas.constants.common.FrameworkConstants;
    import com.intellectdesign.canvas.exceptions.action.OrbiActionException;
    import com.intellectdesign.canvas.exceptions.common.ProcessingErrorException;
    import com.intellectdesign.canvas.logger.Logger;
    import com.intellectdesign.canvas.login.sessions.SessionInfo;
    import com.intellectdesign.canvas.web.config.ActionMap;
    
    public class TxnAction extends PortletAction{
        @Override
        public ReplyObject executePortletActionUsing(String action, SessionInfo sessionInfo, ActionMap actionMap,
                                                     Map requestParams, HttpServletRequest request) throws OrbiActionException
        {
            logger.ctinfo("CTTXN0001");
            ReplyObject reply = null;
            try
            {
                logger.ctdebug("CTTXN0002");
                /*
                 * if ("SUBMIT".equals(action) || "DRAFT".equals(action)) {
                 */
                reply = executeHostRequest(sessionInfo, actionMap.getHostCode(), requestParams, request);
                /* } */
                logger.ctdebug("CTTXN0003");
            } catch (ProcessingErrorException procExcep)
            {
                logger.cterror("CTTXN0004");
                throw new OrbiActionException(FrameworkConstants.ERROR_SYSTEM_ERROR,
                        "Received processing error while handling action - '" + action + "in TxnAction action", procExcep);
            }
            logger.ctinfo("CTTXN0005");
            return reply;
        }
        private static final Logger logger = Logger.getLogger(TxnAction.class);
    }
  4. Create the Handler class (Java) to handle the log-on authentication. The following is a sample reference:

    package com.intellectdesign.app.iquiz.handler;
    import java.util.*;
    import com.intellectdesign.app.iquiz.instruction.*;
    import com.intellectdesign.canvas.alert.details.AlertConstants;
    import com.intellectdesign.canvas.alert.handler.AlertDeliverySchedulerJob;
    import com.intellectdesign.canvas.authentication.providers.CTAuthenticationProvider;
    import com.intellectdesign.canvas.common.ExtReplyObject;
    import com.intellectdesign.canvas.common.ReplyObject;
    import com.intellectdesign.canvas.common.UserValue;
    import com.intellectdesign.canvas.config.ConfigurationManager;
    import com.intellectdesign.canvas.constants.common.JSPIOConstants;
    import com.intellectdesign.canvas.constants.login.LoginMasterConstants;
    import com.intellectdesign.canvas.constants.login.MobileDeviceManagerConstants;
    import com.intellectdesign.canvas.database.DatabaseException;
    import com.intellectdesign.canvas.event.Event;
    import com.intellectdesign.canvas.event.EventDispatcher;
    import com.intellectdesign.canvas.event.EventHandlerFrameworkConstants;
    import com.intellectdesign.canvas.event.handler.HandlerException;
    import com.intellectdesign.canvas.event.handler.IData;
    import com.intellectdesign.canvas.exceptions.common.OnlineException;
    import com.intellectdesign.canvas.exceptions.common.ProcessingErrorException;
    import com.intellectdesign.canvas.handler.SimpleRequestHandler;
    import com.intellectdesign.canvas.hybrid.handlers.MobileDeviceManager;
    import com.intellectdesign.canvas.logger.Logger;
    import com.intellectdesign.canvas.logging.PerformanceTimer;
    import com.intellectdesign.canvas.login.handlers.LoginMaster;
    import com.intellectdesign.canvas.properties.reader.PropertyReader;
    import com.intellectdesign.canvas.security.AuthenticationException;
    import com.intellectdesign.canvas.security.AuthenticationProviderFactory;
    import com.intellectdesign.canvas.security.IAuthenticationServiceProvider;
    import com.intellectdesign.canvas.utils.ChannelUtils;
    import com.intellectdesign.canvas.utils.StringUtils;
    import com.intellectdesign.canvas.value.CanvasRequestVO;
    import com.intellectdesign.canvas.value.IUserValue;
    import org.apache.poi.hpsf.Array;
    import org.json.JSONException;
    import org.json.JSONObject;
    import org.quartz.JobExecutionException;
    
    public class SessionTestHandler extends SimpleRequestHandler{
        private static PropertyReader mReader = new PropertyReader("txn_properties");
        private static PropertyReader eventReader = new PropertyReader("CTevent_properties");
    
        public ExtReplyObject handleLoginRequest(CanvasRequestVO request) throws ProcessingErrorException,
                AuthenticationException {
            ExtReplyObject reply = new ExtReplyObject();
            String action = request.getActionCode();
            if("SESSIONTEST".equals(action))
            {
                // ExtReplyObject reply = new ExtReplyObject();
                reply.headerMap = new HashMap();
                LoginMaster loginMaster = new LoginMaster();
                boolean multiLoginStatus;
                boolean loginSuccess = false;
                boolean forceChangePassword = false;
                IUserValue userValue = (IUserValue) request.getRequestData().get(LoginMasterConstants.FLD_USER_VALUE);
                String pin = userValue.getUserPin();
                Integer channelId = Integer.parseInt(ChannelUtils.getDeviceType(request.getSessionContext().getDeviceType(), request.getSessionContext().isHybridApp()));
                userValue.setChannelId(channelId.toString());
                HashMap customSessioninfoMap = userValue.getCustomSSOProperties();
    
                try {
                    // Step 1: Ask the Login Master to check within our entitlements implementation of whether the user details
                    // are
                    // valid.
                    userValue.setUserPin(pin);
                    userValue.setCustomSSOProperties(customSessioninfoMap);
                    authenticateUser(userValue);
                    if (LoginMasterConstants.STATUS_SUCCESS.equals(userValue.getTransactionStatus())) {
    
                        // Step 2: Set the password receive into the userValue retrieved and then pass it along to the
                        // authentication
                        // provider
    
                        userValue = loginMaster.loginUser(userValue);
    
                        // update current user login time
                        CTAuthenticationProvider authHandler = new CTAuthenticationProvider();
                        authHandler.updateUserLoginTime((UserValue) userValue);
                        HashMap requestMap = (HashMap) request.getRequestData();
                        String isHybrid = (String) requestMap.get("isHybrid");
    
                        if (LoginMasterConstants.STATUS_SUCCESS.equals(userValue.getTransactionStatus())) {
                            if ("H".equals(isHybrid) && !isDeviceValidationSuccessFull(request, userValue)) {
                                JSONObject jsonResult = (JSONObject) userValue.getCustomAttrbutes().get(
                                        MobileDeviceManagerConstants.APP_MANAGER_RESULT);
                                if (jsonResult != null && jsonResult.get("MESSAGE") != null) {
                                    userValue.setTransactionStatus(LoginMasterConstants.STATUS_FAILURE);
                                    reply.userValue = userValue;
                                    return reply;
                                }
                            }
    
                            if (LoginMasterConstants.CHANGE_PASSWORD.equals(StringUtils.ensureExists(userValue
                                    .getTransactionCode())))
                                forceChangePassword = true;
                            // If there is an ask to force change password, no point in treating it as a successful login. So do
                            // not update anything yet.
                            if (!forceChangePassword) {
                                multiLoginStatus = loginMaster.isMultiLoginAllowed(userValue);
                                if (!multiLoginStatus) {
                                    String errorMsg = "LBL_MULTI_LOGIN_MSG";
                                    loginMaster.handleInValidUser(userValue, errorMsg);
                                } else {
                                    try {
                                        userValue = loginMaster.populateUserPreferences(userValue);
                                        loginSuccess = true;
                                        loginMaster.insertUserSession(userValue);
                                    } catch (ProcessingErrorException e) {
                                        LOGGER.cterror("CTLGN00067", e);
                                        String errorMsg = "LBL_DB_EXCEPTION";
                                        loginMaster.handleInValidUser(userValue, errorMsg);
                                    }
                                }
                            }
                        } else {
                            // The authentication has failed or it is a step up. Log the userValue
                            LOGGER.ctdebug("CTLGN00022", userValue);
                        }
                    }
                } catch (ProcessingErrorException e) {
                    LOGGER.cterror("CTLGN00009", e);
                    throw e;
                } catch (JSONException e) {
                    // Exception catch for JSONException while validating App and Device
                    throw new ProcessingErrorException("ERR_JSON_CREATE", e.getMessage(), e);
                }
    
                // Finally raise the event.
                Event eventToBeRaised = null;
                if (loginSuccess)
                    eventToBeRaised = Event.getEventFor("CANVAS", "AUTHENTICATION", "LOGIN", "SUCCESS");
                    // Raise a different event for Invalid Password being provided.
                else if (userValue.isInvalidCred())
                    eventToBeRaised = Event.getEventFor("CANVAS", "AUTHENTICATION", "LOGIN", "INVALID_PWD");
                    // All other errors raise it as a failed login attempt.
                else if (forceChangePassword || LoginMasterConstants.STATUS_STEP_UP.equals(userValue.getTransactionStatus())) {
                    // For now, Skip the event raising if the authentication provider asked for a stepup authentication, or for
                    // a force change password.
                    // If needed later, this should be a separate authentication event.
                } else
                    eventToBeRaised = Event.getEventFor("CANVAS", "AUTHENTICATION", "LOGIN", "FAILURE");
    
                if (eventToBeRaised != null)
                    raiseEvent(request, eventToBeRaised, userValue);
    
                reply.userValue = userValue;
                return reply;
            }
            return reply;
        }
        private void raiseEvent(CanvasRequestVO request, Event event, IUserValue userValue) throws ProcessingErrorException
        {
            // Use the login id as the reference
            String refNo = StringUtils.ensureExists(userValue.getLoginId(),
                    EventHandlerFrameworkConstants.FLD_NOT_AVAILABLE);
            Map<String, Object> loginData = EventHandlerFrameworkConstants.getEventMandatoryDataFrom(request, event, refNo);
            HashMap<String, Object> eventData = new HashMap();
    
            if (!StringUtils.isEmpty(userValue.getUserNo()))
                loginData.put(EventHandlerFrameworkConstants.FLD_USER_NO, userValue.getUserNo());
            else
                loginData.put(EventHandlerFrameworkConstants.FLD_USER_NO, EventHandlerFrameworkConstants.FLD_NOT_AVAILABLE);
            loginData.put("status", userValue.getInfo());
            if (!StringUtils.isEmpty(userValue.getPrimaryGcif()))
                loginData.put(EventHandlerFrameworkConstants.FLD_GCIF, userValue.getPrimaryGcif());
            else
                loginData.put(EventHandlerFrameworkConstants.FLD_GCIF, EventHandlerFrameworkConstants.FLD_NOT_AVAILABLE);
            if (!StringUtils.isEmpty(userValue.getSessionId()))
                loginData.put(EventHandlerFrameworkConstants.FLD_SESSION_ID, userValue.getSessionId());
            else
                loginData.put(EventHandlerFrameworkConstants.FLD_SESSION_ID,
                        EventHandlerFrameworkConstants.FLD_NOT_AVAILABLE);
            loginData.put("LOGIN_DATE", new Date().toString());
            if (!StringUtils.isEmpty(userValue.getLoginId()))
                loginData.put("LOGIN_ID", userValue.getLoginId());
            else
                loginData.put("LOGIN_ID", EventHandlerFrameworkConstants.FLD_NOT_AVAILABLE);
            if (!StringUtils.isEmpty(userValue.getSimulatingUserNo()))
                loginData.put(EventHandlerFrameworkConstants.FLD_SIMULATION_USERID, userValue.getSimulatingUserNo());
            loginData.put(LoginMasterConstants.FLD_INVALID_ATTEMPTS, userValue.getInvalidAttempts());
    
            loginData.put(EventHandlerFrameworkConstants.FLD_LAST_LOGIN_DATE, userValue.getLastLogin());
            loginData.put(EventHandlerFrameworkConstants.FLD_SIMULATION_MODE, Boolean.valueOf(userValue.isSimulated()));
            loginData.put(EventHandlerFrameworkConstants.FLD_REFERENCE_KEY, userValue.getUserNo());
    
            // CT_ALERT_NOTIFY starts
            ArrayList recipient = new ArrayList();
            recipient.add(userValue.getUserNo());
            loginData.put(AlertConstants.RECIPIENTS_KEY, recipient);
            // CT_ALERT_NOTIFY ends
    
            eventData.putAll(loginData);
            eventData.put(EventHandlerFrameworkConstants.EVENT_META_DATA, loginData);
            eventData.put(EventHandlerFrameworkConstants.EVENT_DATA_OLD_STATE, loginData);
            eventData.put(EventHandlerFrameworkConstants.EVENT_DATA_NEW_STATE, loginData);
    
            try
            {
                EventDispatcher.getInstance().raiseEvent(event, eventData);
            } catch (HandlerException e)
            {
                // If the handler is configured to throw an exception, ensure that the same is propagated properly.
                throw new ProcessingErrorException(e);
            }
        }
        private boolean isDeviceValidationSuccessFull(CanvasRequestVO request, IUserValue userValue)
        {
            String validationPolicy = ConfigurationManager.getInstance().getSecurityDescriptor()
                    .getHybridPolicyProviderClass();
            if (validationPolicy == null || ("NONE").equalsIgnoreCase(validationPolicy))
            {
                return true;
            }
            MobileDeviceManager hybridAppManager = new MobileDeviceManager(request, userValue);
            return hybridAppManager.validateAppAndDevice();
    
        }
        private void authenticateUser(IUserValue userValue) throws AuthenticationException
        {
            IAuthenticationServiceProvider provider = null;
            String cmName = " [Login.authenticateUser] ";
    
            try
            {
                provider = AuthenticationProviderFactory.getAuthenticationServiceProvider();
                provider.authenticateUser(userValue);
            } catch (AuthenticationException authEx)
            {
                LOGGER.cterror("CTLGN00012", authEx, cmName);
                throw authEx;
            }
        }
    
        private ExtReplyObject constructSuccessReply(HashMap respMap)
        {
          ExtReplyObject reply = new ExtReplyObject();
          reply.headerMap = new HashMap();
          reply.headerMap.put("REPLY_TYPE", "SUCCESS");
          if (respMap != null)
          {
              reply.headerMap.put("JSON_MAP", respMap);
          }
          return reply;
        }
    
        /*
         * private ExtReplyObject constructErrorReply(final String errorCode,final String errorMsg){
         *
         * ExtReplyObject reply = new ExtReplyObject(); reply.headerMap = new HashMap();
         *
         * reply.headerMap.put("ERR_CODE", errorCode); reply.headerMap.put("REPLY_TYPE","ERROR");
         * reply.headerMap.put("ERR_MESS", errorMsg); reply.headerMap.put("SUCCESS", false);
         *
         * return reply; }
         */
    
        /**
         * Helper method to get the new reference number from the db sequence.
         *
         * @return long the newly generated Reference number
         * @exception OnlineException Thrown if any error occurs while fetching the next valye from sequence
         */
        protected String getNewRefNumber()
        {
            String refNo = null;
            logger.ctinfo("CTTXN0015");
            // refNo = UUID.randomUUID().toString();
            refNo = "T".concat(String.valueOf(new Date().getTime()));
            logger.ctinfo("CTTXN0016", refNo);
            return refNo;
        }
    
        protected IData formatTxnData(HashMap mapData, String action)
        {
            //logger.ctinfo("CTTXN0013");
            TxnData txnData = new TxnData();
            ScoreInstruction scoreInstruction=new ScoreInstruction();
            txnData.setUsername((String)mapData.get("Username"));
            txnData.setScore((String) mapData.get("Score"));
            txnData.setMisbe((String) mapData.get("Misbhaviour"));
            return txnData;
        }
    
        private void callRaiseEvent(CanvasRequestVO request, HashMap inputMap) throws ProcessingErrorException
        {
            HashMap<String, Object> alertData = new HashMap<String, Object>();
            HashMap<String, Object> eventData = new HashMap<String, Object>();
            String action = request.getActionCode();
            Event event;
            event = Event.getEventFor("CUSER", "CUSER", "VSBLTY", action);
            logger.ctdebug("CTVDF00155", event);
    
            alertData.put(EventHandlerFrameworkConstants.FLD_GCIF, request.getUserContext().getOwningGCIF());
            alertData.put(EventHandlerFrameworkConstants.FLD_USER_NO, request.getUserContext().getUserNumber());
            alertData.put(JSPIOConstants.INPUT_CHANNEL_ID, request.getSessionContext().getChannelId());
            alertData.put(REF_NO, inputMap.get(REF_NO));
            List recipientList = new ArrayList();
            if ("SUBMIT".equalsIgnoreCase(action))
            {
                recipientList = getRecipientList((String) inputMap.get("REFERENCE_NO"));
            } else if ("AUTH_TXN".equalsIgnoreCase(action) || "REJECT_TXN".equalsIgnoreCase(action))
            {
                recipientList.add(getMakerUserNo((String) inputMap.get("REFERENCE_NO")));
            }
            Set set = new HashSet();
            set.addAll(recipientList);
            List recipients = new ArrayList();
            recipients.addAll(set);
            alertData.put(AlertConstants.RECIPIENTS_KEY, recipients);
            eventData.putAll(alertData);
            eventData.put(AlertConstants.ALERT_DATA_MAP, alertData);
            eventData.put(AlertConstants.LOCALE_KEY, "en_US");
            EventDispatcher eventDispatcher = EventDispatcher.getInstance();
            try
            {
                eventDispatcher.raiseEvent(event, eventData);
                logger.ctinfo("CTTXN0014");
            } catch (HandlerException e)
            {
                String propName = "TXN0011";
                if ("SUBMIT".equalsIgnoreCase(action))
                {
                    propName = "TXN0012";
                } else if ("AUTH_TXN".equalsIgnoreCase(action))
                {
                    propName = "TXN0013";
                }
                if ("REJECT_TXN".equalsIgnoreCase(action))
                {
                    propName = "TXN0014";
                }
                logger.cterror("CTTXN0011", e, mReader.retrieveProperty(propName));
                throw new ProcessingErrorException(propName, mReader.retrieveProperty(propName));
            }
        }
    
        /**
         * This method fetch the all the user-no's except the maker
         *
         * @param refNo
         * @return
         * @throws OnlineException
         */
        private List getRecipientList(String refNo) throws ProcessingErrorException
        {
            PaymentInstruction paymentInstruction = new PaymentInstruction();
            List recepientList = null;
            try
            {
                List tempList = paymentInstruction.getRecipients(refNo);
                recepientList = new ArrayList();
                String key = "OD_USER_NO";
                for (int i = 0; i < tempList.size(); i++)
                {
                    Map tmpMap = (HashMap) tempList.get(i);
                    recepientList.add(tmpMap.get(key));
                }
            } catch (DatabaseException dbException)
            {
                logger.cterror("CTTXN0039", dbException, mReader.retrieveProperty("TXN0015"));
                throw new ProcessingErrorException("TXN0015", mReader.retrieveProperty("TXN0015"));
            }
            return recepientList;
        }
    
        private String getMakerUserNo(String refNo) throws ProcessingErrorException
        {
            String maker = null;
            PaymentInstruction paymentInstruction = new PaymentInstruction();
            try
            {
                Map makerMap = paymentInstruction.getMaker(refNo);
                maker = (String) makerMap.get("USER_NO");
            } catch (DatabaseException dbException)
            {
                logger.cterror("CTTXN0039", dbException, mReader.retrieveProperty("TXN0016"));
                throw new ProcessingErrorException("TXN0015", mReader.retrieveProperty("TXN0016"));
            }
            return maker;
        }
        private static final String REF_NO = "REFERENCE_NO";
        private static final int DEVICETYPE_INDEX_IN_VECTOR = 10;
        private static final Logger logger = Logger.getLogger(TxnRequestHandler.class);
    }
  5. Specify the Handler (Java) class in the handler properties:

    SESSIONTESTHOST_Handler = com.intellectdesign.app.iquiz.handler.SessionTestHandler
  6. Create a Authentication Provider (Java) class to fail the user authentication and set some logon failure message in the setuserValue -> setInfo. A Sample reference is as follows:

    package com.intellectdesign.modelhouse;
    import com.intellectdesign.canvas.logger.Logger;
    import com.intellectdesign.canvas.security.AuthenticationException;
    import com.intellectdesign.canvas.security.IAuthenticationServiceProvider;
    import com.intellectdesign.canvas.value.IUserValue;
    import javax.servlet.http.HttpServletRequest;
    import java.util.HashMap;
    import java.util.List;
    import java.util.Map;
    
    public class QuizAuthenticationProvider implements IAuthenticationServiceProvider {
        private static final Logger logger = Logger.getLogger(QuizAuthenticationProvider.class);
    
        @SuppressWarnings("unused")
        @Override
        public void authenticateUser(IUserValue uValue) throws AuthenticationException
        {
            Map customSSOProperties = uValue.getCustomSSOProperties();		
            logger.cterror("Inside AuthenticationProvider class.....");       
            uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.failure.name());        
            String info = "SESSION TEST FAILURE MODE";
            uValue.setInfo(info);
        }
        @Override
        public void changeCredentials(IUserValue uValue) throws AuthenticationException
        {
            // Nothing to do here
        }
        @Override
        public void dispose()
        {
            // Nothing to do here
        }
        @Override
        public void extractUserCredentials(HttpServletRequest request, IUserValue uValue) throws AuthenticationException
        {
    		// Nothing to do here
        }
        @Override
        public void forceReset(IUserValue uValue) throws AuthenticationException
        {
            // Nothing to do here
        }
        @Override
        public IUserValue getPreferences(HttpServletRequest request, IUserValue uValue) throws AuthenticationException
        {
            return null;
        }
        @Override
        public void initialize() throws AuthenticationException
        {
            // Nothing to do here.
        }
        @Override
        public boolean isRSARollValidated(HashMap inputParams) throws AuthenticationException
        {
            return false;
        }
        @Override
        public boolean isRSATxnValidated(Object userData) throws AuthenticationException
        {
            return false;
        }
        @Override
        public void logoutUser(IUserValue uValue) throws AuthenticationException
        {
            uValue.setStatusFlag("T");
        }
        @Override
        public void logoutUser(String userId) throws AuthenticationException
        {
            // Nothing to do here
        }
        @Override
        public void onExtendSession(IUserValue uValue) throws AuthenticationException
        {
            // TODO: Referesh ticket here
            uValue.setInfo("User session has been extended");
        }
        @Override
        public void resetRSAPWD(IUserValue uValue) throws AuthenticationException
        {
            // Nothing to do here
        }
        @Override
        public List<IUserValue> retrieveUserDetails(List<String> usersList) throws AuthenticationException
        {
            return null;
        }
        @Override
        public boolean validateSession(HttpServletRequest request) throws AuthenticationException
        {
            return true;
        }
    }
  7. Specify the authentication provider in the securityconfig.properties file:

    # This is the default authentication provider that is to be used during login / logout / re-authentication purposes
    AUTH_SERV_PROV_CLASS = com.intellectdesign.modelhouse.QuizAuthenticationProvider
  8. Check that the user authentication is validated using AJAX in the application.

    For example, user ‘terrim’ logons to the Modelhouse application in the following screen shot:


    In the Authentication Provider (Java) class, the user authentication is made to fail in the authenticateUser function. Hence, the following error message is shown to indicate that the user authentication is validated using AJAX:


  • No labels