G'day,
I am trying to configure an authentication scheme for the portal and not having much luck.
My login module stack allows for password authentication or for automatic authentication, depending on the presence of the j_user and j_password values passed via the form on the logon page. If j_user and j_password are present, then the BasicPasswordLogin module is called. Otherwise, a different login module (one that authenticates the current user automatically) is used.
So I would like, when authenticating to the portal, for a logon page to be displayed, and then the logon module stack is executed when the "logon" button on that page is clicked. I would also like to to return to that page when the "log off" link is clicked once access has been granted to the portal. I want this to happen whether I use password authentication or automatic authentication.
But I am seeing two kinds of problems:
1. No logon form is shown and the automatic authentication occurs immediately. Essentially, there's no way to enter username/password information.
or
2. The logon form is shown initially but if automatic authentication is performed then the "log off" operation performs an immediate automatic logon for the current user. Essentially, there's no way to log off.
I've tried modifying authschemes.xml by adding new authentication schemes, new login module stacks, modifying the frontendtargets in the authschemes.xml, setting new values for the ume.logoff.redirect.url configuration option, but to no avail: I cannot configure an authentication scheme that will always show a forms-based logon page before the login module stack is executed, and will always return to that forms-based logon page once the "log off" link is clicked in the portal.
I guess I just don't understand the relationship between the login module stacks, and the front-end targets that collect the information required for those login module stacks. I'm not sure how it is determined whether the front-end target should be shown or not. In some cases these pages are displayed, in other cases they are not, and I haven't yet figured out why one occurs and not the other.
edit: I should add that the login modules use callback handlers to get information from the user, but how the logon form is displayed before the login module stacks are run, and how to get it displayed again after logoff, is the issue.
Any help on this subject appreciated.