Below are the highlights of this release.
You can also read the full changelog for more details.
It's quite common nowadays to offer the possibility to have an application remember the login credentials of users. RIFE now offers this out-of-the-box when you store your authentication data in a database (there's not much use in remembering people in volatile memory). The only thing you have to do is to update the declaration of your authentication element and to add a checkbox to your login form.
The element declaration has to contain
the 'remember' parameter in the 'credentials'
submission and a 'rememberid' in- and outcookie. Like this,
for instance:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE element SYSTEM "/dtd/element.dtd">
<element extends="rife/authenticated/databaseunpurged.xml">
<initparam name="datasource"><config param="unittestsdatasource"/></initparam>
<initparam name="template_name">authentication_remember</initparam>
<submission name="credentials">
<bean classname="com.uwyn.rife.authentication.credentials.RoleUser"/>
</submission>
<incookie name="rememberid"/>
<outcookie name="rememberid"/>
<childtrigger name="authid"/>
</element>The login form can for example by done like this:
<form name="credentials" action="[!V 'SUBMISSION:FORM:credentials'/]" method="post"> <!--V 'SUBMISSION:PARAMS:credentials'/--> <!--V 'FORM:INPUT:login'/--> <!--V 'FORM:SECRET:password'/--> <!--V 'FORM:CHECKBOX:remember'/--> <input type="submit" value="Login" /> </form>
It's recommended to not allow users to access sensitive
data or to perform payments if they are authenticated through remembered
credentials. You can enforce this by creating another authentication
element and setting the 'prohibit_remember' to
true, like this:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE element SYSTEM "/dtd/element.dtd">
<element extends="rife/authenticated/databaseunpurged.xml">
<!-- ... same as above ... -->
<initparam name="prohibit_remember">true</initparam>
</element>To make it possible to correctly implement the 'remember me' feature, a minor change had to be made to the authentication database structure. The following SQL commands need to be executed for the appropriate database:
MySQL
ALTER TABLE Authentication ADD COLUMN remembered BIT DEFAULT 0 NOT NULL;
Oracle
ALTER TABLE Authentication ADD (remembered NUMBER(1) DEFAULT 0 NOT NULL);
PostreSQL
ALTER TABLE Authentication ADD COLUMN remembered BOOLEAN; UPDATE Authentication SET remembered = false; ALTER TABLE Authentication ALTER COLUMN remembered SET NOT NULL; ALTER TABLE Authentication ALTER COLUMN remembered SET DEFAULT false;
RIFE
now includes the rife/http/redirect.xml element to make it
easy to redirect from one location to another. The element supports the
following properties:
to
The target where the redirection should go to.
type
The type of the target, according to this property the target value will be interpreted differently. Currently it supports:
urlThe 'to' value is a regular URL and will be used as a raw value for the redirect (this is the default value if it hasn't been specified).
elementThe 'to' value is the ID of an element which will be resolved according to the redirection element that you're defining. It van thus be both relative and absolute.
So you can for instance redirect to the URL of the
.SOME_ELEMENT_ID element like this:
<element id="REDIRECT" file="rife/http/redirect.xml" url="/redirecturl">
<property name="to">.SOME_ELEMENT_ID</property>
<property name="type">element</property>
</element>or redirect to http://www.uwyn.com like
this:
<element id="REDIRECT" file="rife/http/redirect.xml" url="/redirecturl">
<property name="to">http://www.uwyn.com</property>
</element>RIFE can now automatically compress the output of certain mime types. This makes pages being served much quicker and less bandwidth being used. You turn on the compression by doing this in the configuration file of your application:
<param name="GZIP_COMPRESSION">true</param>
By default the following content types will then be compressed: text/html, text/xml, text/plain, text/css, text/javascript, application/xml and application/xhtml+xml. If you want to override these, you can by setting up the appropriate configuration list like this:
<list name="GZIP_COMPRESSION_TYPES">
<item>text/html</item>
<item>text/xml</item>
<item>text/plain</item>
</list>Note that this compression will only influence content that's being served through RIFE. If you serve static files straight through your servlet engine, you'll have to configure gzip compression in your servlet engine for those files.
Before, RIFE converted templates to Java source code and compiled this with a regular Java compiler. The engine has been rewritten it now generates bytecode directly. The result is that it's not only 12 times faster, but you don't need the availability of a full JDK anymore to be able to modify templates. This is make template engine useful in many situations where only a JRE is present.
2004-06-17 Geert Bevin <gbevin[remove] at uwyn dot com> * RELEASE 0.7.2 2004-06-16 Geert Bevin <gbevin[remove] at uwyn dot com> * Added support for doSubmissionName() methods in an element that get called whenever a matching submission occurs. 2004-06-15 Geert Bevin <gbevin[remove] at uwyn dot com> * Fixed some bugs in WaitingImageObserver 2004-06-14 Geert Bevin <gbevin[remove] at uwyn dot com> * Added makeErrorValid() method to Validation. 2004-06-11 Geert Bevin <gbevin[remove] at uwyn dot com> * Renamed ContentTransformer to TemplateTransformer to prevent a CMF name clash. 2004-06-09 Geert Bevin <gbevin[remove] at uwyn dot com> * Replaced dateFormat() constraint with a more generic format() constraint. It now also ensures that the provided string is not only parseable, but also reversible, ie. a date can be parsed when it's not existent, however the resulting formatting of that date would then not be the same as the orginal input. 2004-06-02 Geert Bevin <gbevin[remove] at uwyn dot com> * Added support for redirecting to Element ids 2004-06-01 Geert Bevin <gbevin[remove] at uwyn dot com> * Build file updates. 2004-05-29 Geert Bevin <gbevin[remove] at uwyn dot com> * JDK 1.5 beta2 related fixes 2004-05-28 Geert Bevin <gbevin[remove] at uwyn dot com> * Updated for jdk 1.5.02-beta2 2004-05-20 Geert Bevin <gbevin[remove] at uwyn dot com> * Implemented remember IDs purging. * Consistancy fix to all proper resource abstraction for Groovy scripts. 2004-05-19 Geert Bevin <gbevin[remove] at uwyn dot com> * Added ranged users listing to RoleUsersManager. 2004-05-18 Geert Bevin <gbevin[remove] at uwyn dot com> * Added support for custom java compiler arguments through the JAVA_COMPILER_ARGS config list. 2004-05-17 Geert Bevin <gbevin[remove] at uwyn dot com> * Added support for knowing if an authentication session was started with full credentials or through remembered data. * The authentication elements now support the 'prohibit_remember' initparam which enforces authentication sessions that actually validated complete credentials. 2004-05-16 Geert Bevin <gbevin[remove] at uwyn dot com> * Fix for encoded labels. * Added authenticated(long userId) callback to the Authenticated element. 2004-05-15 Geert Bevin <gbevin[remove] at uwyn dot com> * Reduced index name length since Oracle can get in trouble otherwise * Minor automatic input value replacement fix 2004-05-14 Geert Bevin <gbevin[remove] at uwyn dot com> * Updated libs. 2004-05-12 Geert Bevin <gbevin[remove] at uwyn dot com> * Simplified drastically authentication element database tests. * Made remember me cookie exist for 3 months. * Initial remember me support. 2004-05-07 Geert Bevin <gbevin[remove] at uwyn dot com> * Added support for direct template to bytecode compilation. * Made gzip compression configurable. 2004-05-06 Geert Bevin <gbevin[remove] at uwyn dot com> * Implemented automatic and transparent text content gzip compression. 2004-05-05 Geert Bevin <gbevin[remove] at uwyn dot com> * Added exception that is triggered when an unopened tag is closed in a template * Upgraded mysql jdbc jar * Made datasource connection pools be cleaned up at repository cleanup. 2004-05-03 Geert Bevin <gbevin[remove] at uwyn dot com> * Template bugfix to correctly handle templates classes that are loaded from jars where the original source location is also available on the filesystem. 2004-04-21 Geert Bevin <gbevin[remove] at uwyn dot com> * RELEASE 0.7.1