The FileLoginModule plug-in handles logins that are authenticated against a password file.
The general flow of the user authentication process via a password file is as follows:
- Obtain the user information: The user establishes a connection to the application server and supplies his or her user identity.
- Instantiate an MDEX Engine connection object: The Presentation API AuthHttpENEConnection constructor is used to instantiate an AuthHttpENEConnection object that will be used to connect to the MDEX Engine.
- Authenticate the user against the password file: The AuthHttpENEConnection class has a login method that is used to read the password file to authenticate the user. The Endeca Access Control System automatically creates an entitlement filter for the user based on this information.
- Make a Secure MDEX Engine Query: The Presentation API AuthHttpENEConnection class has a query method that is used to make a query to the MDEX Engine that limits the user’s access to what is specified in the entitlement filter.
These steps are described in detail in the following sections.
Note: User authentication via a password file is supported by the Java and .NET versions of the Endeca Presentation API. All procedures apply to both versions, unless otherwise noted.
