This action is used to authenticate user by comparing several request
fields (username, password) with the values in a DBXML compliant database.
The description of the process is given via external xml description file
simiar to the one used for all actions derived from AbstractDatabaseAction.
The values specified via "request-param" describe the name of HTTP request
parameter, "element" indicates matching document node, "nullable" means
that request-param which is null or empty will not be included in the WHERE
clause. This way you can enable accounts with empty passwords, etc.
"to-session" attribute indicates under which name the value obtained from
database should be stored in the session. Of course new session is created
when authorization is successfull. The "type" attribute can be either
string, long or double and alters the type of object stored in session.
Additionally all parameters that are
propagated to the session are made available to the sitemap via {name}
expression.
If there is no need to touch the session object, providing just one-time
verification, you can specify action parameter "create-session" to "no" or
"false". No values are then propagated to the sesion and session object is
not verified.
Since:
2002/02/03
Version:
$Id: DbXMLAuthenticatorAction.html 1304258 2012-03-23 10:09:27Z ilgrosso $
based on DatabaseAuthenticatorAction created by Martin Man
objectModel - The Map with object of the
calling environment which can be used
to select values this controller may need
(ie Request, Response).
src - A source String to the Action
parameters - The Parameters for this invocation
Returns:
Map The returned Map object with
sitemap substitution values which can be used
in subsequent elements attributes like src=
using a xpath like expression: src="mydir/{myval}/foo"
If the return value is null the processing inside
the element of the sitemap will
be skipped.
org.apache.avalon.framework.logger.AbstractLogEnabled