The Authentication Process
The Authentication Process[edit]
The UI Version[edit]
By default the 'Home' page has a block on it with a ZName AuthenticationBlock, this contains the process with a ZName 'Authentication' which is in most respects a normal process but uses class='Authentication' Zymonic::Process::Authentication to remove a handful of default behaviours.
The XML definition of the Authentication process then adds conditions to the login and logout transitions of a class 'Hook' (see Zymonic::Condition::Hook) - these 'Hook' conditions call methods on Zymonic::Hooks::AuthHook (either log_in or log_out).
Zymonic::Hooks::AuthHook then call methods in Zymonic::Auth to perform the login (authenticate) or logout - see further down for Zymonic::Auth. the default is 'db'.
The Webservice (API) Version[edit]
The webservice API calls Zymonic::Auth::authenticate directly - see next section for Zymonic::Auth.
Zymonic::Auth and sub-classes[edit]
Zymonic::Auth is the base class and is sub-classed based on where the directory of users are held e.g. Zymonic::Auth::db, Zymonic::Auth::ldap etc. which class is used can be determined in SystemOptions.xml either as a user selectable choice:
<ConfigOption> <OptionName>allowed_auth_types</OptionName> <OptionValue>LDAP=ldap,Database=db</OptionValue> </ConfigOption>
or fixed:
<ConfigOption> <OptionName>authtype</OptionName> <OptionValue>ldap</OptionName> </ConfigOption>
This is also possible to be set via the SystemOptions in the UI.