Change the Secure.java class of the play framework

Is it advisable to make changes in the methods of the Secure class of play framework? Or is there a wa开发者_Go百科y around it?

Secure.class no. Security.class yes.

To make changes to the Secure.class. No, normally, it should be ok in most cases. But, you will have to extend Security class. There are several methods in this class that have to be overridden to fit your application.

static boolean authenticate(String username, String password);
static boolean check(String profile);
static String connected();
static void onAuthenticated();
static void onDisconnect();
static void onDisconnected();

EDIT : After reading all the comments and understanding Joe's real need, here is part of the solution.

1. Create a normal login page. You can do this by adding the secure dependency in your dependencies.yml file. (Also run play dependencies)
2. Extends Security for overriding of authenticate method.
3. Also override onAuthenticate method to redirect toward the page of yuor choice using redirect()
4. Create a new tag loginbox.html in tags folder. Code is pasted below.
5. Use loginbox tag in your homepage : #{loginbox /}

That means :

• You will have a login box on homepage.
• When users login authenticate, they will be redirected to the page of your choice.
• When users login fails, they will be redirected toward the login page and will see errors there.

loginbox.html

#{form @authenticate()}
    <label>Login</label>
    <input type="text" name="username" maxlength="80"/>

    <label>Password</label>
    <input type="password" name="password" maxlength="80"/>

    <input type="submit" class="rounded" value="Se connecter" />
#{/form}

Its better to extend the Security class (as Zenklys mentioned) and override the methods you are interested in. Check this Play Secure document Having said that, nothing prevents you from modifying Secure class itself, but you will need to make sure to reflect the changes on every Play upgrade.

UPDATE

If you want to have your own login page, its simple, just create 'Secure' folder in you application view folder and add your verion of 'login.html' in there. i.e you are effectively overriding default Secure module login page.

Although play advises you to extend the Security class (and override the login.html page by issuing the command play secure:override --login) ... I preferred to actually modify the secure module itself because I could not do everything I wanted to by extending it. So, here is an alternative solution that works better for me and gives me less issues in general. I am using play 1.2.4

1. Copy the "secure" module folder from the play framework to your /modules folder (replacing the text file "secure" if there is one)
2. Remove the "require play -> secure" from dependencies.yml
3. Comment out this line in application.conf #module.secure=${play.path}/modules/secure (or change it to module.secure=modules/secure if that doesn't work)
4. $ play dependencies