» Authentication in Cloudfier apps

1 The Log-in dialog
2 Creating an application profile
3 Controlling guest access

The Log-in dialog

All Cloudfier applications get a log-in dialog like this.

Sign in

The sign in button allows a user to log into that application (and that application only). Cloudfier Apps users need to have signed up before, and acknowledged the confirmation email before they can sign in.

Sign up

Allows a user to register basic credentials to log in to Cloudfier Apps. Note that this only needs to be done once. The same credentials can then be used against any Cloudfier application. The sign up process only completes after the user acknowledges the confirmation email that they receive after sign up, so users need to provide a valid email address that they own.

Password requirements are: 8-20 characters, including digits and mixed-case letters.

Sign in as guest

Allows a user to log in to the Cloudfier application as a guest user. Not all applications support guest access, and those that do may provide limited functionality to guest users.

Reset password

Allows a user that may have forgotten their password to enter a new password. An email is sent to the user’s address with a link user can click to get to a form that allows users to enter a new password.

Creating an application profile

Just by having signed up to a Cloudfier app, a user can log in to any Cloudfier application. Each application has it is own concept of a “user profile”, which is the information the application keeps about its users, and represented by the User entity.

A user logged in to a Cloudfier application will not have a user profile object automatically created. After they log in, this is what they see at the top of their screen:

In order to become a properly registered user of the application, they need to press the “Create profile” button. They will then be asked to enter whatever details are kept for a user in that application, for example, for the ShipIt example application:

Once those details are entered, the user identity will be tied with that instance of the application profile or user entity, which will be returned when using the System#user() operation, which is useful for automatically setting a property (such as the reporter of an issue, the author of a comment) and defining authorization constraints (such as “you can only start working on this issue if you are the assignee”).

Controlling guest access

Whether anonymous users can log in to an application is determined by the “mdd.application.allowAnonymous” property that you can set in the mdd.properties file. The default is ẗrue, so set it explicitly to false if you want to forbid anonymous access.