Hello,
I was hoping that somehow, when submitted via the form, password gets recorded until the
end of the session. We can't afford, for the sake of user experience, to ask password
every time user need to access a hidden system he is not even supposed to know is separate
from the wiki. That's why we are writing some macro / components so that it's
xwiki that access those system for him. This include various webservices, a documents
storage and so on. We try to keep a single sign on policy. Of course, i don't want
user password stored anywhere on disks, but keeping it in user session seems a good
trade-of for me.
I plan thus to create my onw xwikiauthservice that delegates to ldap service and store
this in user session.
----- Mail original -----
De: "Jerome Velociter" <jerome(a)winesquare.net>
À: "XWiki Developers" <devs(a)xwiki.org>
Envoyé: Mardi 19 Juin 2012 11:53:42
Objet: Re: [xwiki-devs] Access password of current user
Hi,
Fortunately, you can't. You can only access/verify a hashed version of
the password.
Note that asking for a password again is not necessarily a bad UX,
especially if it is to allow access to a sensitive area/operation.
Cheers,
Jerome.
On Tue, Jun 19, 2012 at 11:39 AM, David Delbecq <david.delbecq(a)meteo.be> wrote:
Hello,
i am writing a component that need a password. Because this password will be the same for
current user as the one he used to log-in, it would make for crappy interface ot ask it
again to user. So i need to know how my component or a groovy script can access the
username / password of current logged-in user.
Thank you.
David Delbecq
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs
--
Jérôme Velociter
Winesquare
http://www.winesquare.net/
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs