|
|
|
|
If you've specified a plugin java class to use for authentication, when a user password is created or changed, your implementation of the [NetvigilPluginAuthentication].getAuthenticationString method is called. The authentication string this method returns is stored in the provisioning database, along with the unique string you picked to identify the authentication method. Traverse uses the unique string as a key to find and load your plugin authentication class. When the user tries to login to a Traverse application, this authentication string is retrieved from the database, and it, along with the password the user gave and the user login name is passed to your [NetVigilPluginAuthentication].authenticate method. If your authenticate method returns true, the user is allowed to login. Conversely, if authenticate returns false, the user is not able to login.
If you've told Traverse to use a plugin script, when the user logs in, Traverse takes the user login name, password and the parameters attribute from emerald.xml, and replaces the placeholders in the parameters attribute with the login name and password. It then looks in the authentication scripts directory for the script named in the execute attribute inemerald.xml, and executes the script with the updated parameters attribute. If the script runs successfully, and returns a zero exit code, Traverse allows the user to log in. If Traverse can't run the script, or the script returns with a non-zero exit code, the user is not allowed to login.