The Authentication Process

From Zymonic

The Authentication Process[edit]

The UI Version[edit]

By default the 'Home' page has a block on it with a ZName AuthenticationBlock, this contains the process with a ZName 'Authentication' which is in most respects a normal process but uses class='Authentication' Zymonic::Process::Authentication to remove a handful of default behaviours.

The XML definition of the Authentication process then adds conditions to the login and logout transitions of a class 'Hook' (see Zymonic::Condition::Hook) - these 'Hook' conditions call methods on Zymonic::Hooks::AuthHook (either log_in or log_out).

Zymonic::Hooks::AuthHook then call methods in Zymonic::Auth to perform the login (authenticate) or logout - see further down for Zymonic::Auth. the default is 'db'.

The Webservice (API) Version[edit]

The webservice API calls Zymonic::Auth::authenticate directly - see next section for Zymonic::Auth.

Zymonic::Auth and sub-classes[edit]

Zymonic::Auth is the base class and is sub-classed based on where the directory of users are held e.g. Zymonic::Auth::db, Zymonic::Auth::ldap etc. which class is used can be determined in SystemOptions.xml either as a user selectable choice: 

 <ConfigOption>
   <OptionName>allowed_auth_types</OptionName>
   <OptionValue>LDAP=ldap,Database=db</OptionValue>
 </ConfigOption>

or fixed: 

 <ConfigOption>
   <OptionName>authtype</OptionName>
   <OptionValue>ldap</OptionName>
 </ConfigOption>

This is also possible to be set via the SystemOptions in the UI.

Retrieved from "https://wiki.zymonic.com/wiki/The_Authentication_Process?oldid=728"