powered by Jive Software

Overriding admin console filters to access plugin data

Hi,

I have developed a headless plugin that will reply XML from a servlet. However when i try to accss the plugin via port 9090 I get redirected to the login.jsp page from my flex client. What I would like to do is bypass this (or posting a login and part of the request or in a seperate request). I had a look at the admin console’s web.xml and see that there is a PluginFilter servlet filter. Is this something I can use or is there a better suggestion?

Thanks

Charlie

Check out AuthCheckFilter#addExclude and AuthCheckFilter#removeExclude.

Can you give me a example on how to use this (do i just put that in my web.xml)? At the moment I do a http POST login then calling the servlet plus the accessor have to have admin privileges. By using this will it bypass the user have to have admin functionality?

Thanks

Charlie

You need to call this when initialise (resp. destroy) your plugin. You could take the Registration plugin as example. You will find the source code included with Openfire source code. This plugin does call both methods in initializePlugin() resp. destroyPlugin() method.

By using this will it bypass the user have to have admin functionality?
No. When using AuthCheckFilter#addExclude EVERYONE has access to that (and only that) page you excluded without login. This allows you to implement your own login check.