Dear everyone:
my xwiki will integrate into an website,and it will send me a one-time token,
i extends XWikiAuthServiceImpl as follows【i ignored some private func】,but the checkauth will run for any url,the token will be invalid when used once,so ,how can i remeber the current user,or how to persist my logined status?
public class XxxSSO extends XWikiAuthServiceImpl{
@Override
public XWikiUser checkAuth(XWikiContext context) throws XWikiException {
try {
System.out.println("OK,URL query is " + context.getURL().getQuery());
System.out.println("begin authentic: " +context.getUser());
String tokenstr = getToken(context);
//todo 1.token is null when click any link on xwiki page
if(tokenstr.equals(""))
{
System.out.println("OOPs,token is null");
return super.checkAuth(context);
}
String validUserName = getUserbyToken(tokenstr);
//todo 2.token exists from refresh but not useful for verify
if(validUserName.equals(""))
{
System.out.println("OOPs,token is invalid,pls login");
return super.checkAuth(context);
}
//3.token exists and ok for verify
System.out.println("OK,login as " + validUserName);
String validUserFullName = "XWiki." + validUserName;
if (context.isMainWiki()) {
System.out.println("OK,login mainwiki " );
context.setUser(validUserFullName);
return new XWikiUser(validUserFullName);
} else {
System.out.println("OK,login subwiki " );
String userid=context.getMainXWiki() + ":" + validUserFullName;
context.setUser(userid);
System.out.println("OK,login mainwiki as " +context.getUser());
//how to persist the userid loggined status here?
return new XWikiUser(context.getMainXWiki() + ":" + validUserFullName);
}
}catch(Exception e){
e.printStackTrace();
}
//https://github.com/xwiki-contrib/sandbox/blob/master/authenticators/xwiki-authentication-headers/src/main/java/com/xwiki/authentication/headers/XWikiHeadersAuthenticator.java
return super.checkAuth(context);
}
}