Create a new aspect

This tutorial takes you through creating a new aspect in an existing BladeRunner application, using a Login Aspect as a specific example.

It assumes that you are familiar with the basics of what an aspect is, and how they relate to the other components of a BladeRunner application. Have a look at "About Aspects" for further information.

1. Before You Start

To follow this tutorial, you’ll need to have a basic application structure similar to this; for the examples given, we’ll use an application called example-app, and a bladeset called my-bladeset. The default-aspect is also present:

br aspect 3

This aspect will handle authentication of users arriving at the application URL without logging in first. Having logged in, users would then be redirected to the default-aspect, where more of the app’s functionality would be made available.

2. Create the New Aspect via the Command-line

To create the new login aspect, go to a command-line window and execute the following instruction:

bladerunner create-aspect _ _

For example:

bladerunner create-aspect *_example-app login_*

Your app folder structure will then look something like this:

br aspect 4

3. Create a Login Page

You now need to create a home-page for the login aspect, which you can do by adding a login form like the one below, to the body of the login-aspect/index.html file:

<form method="post" action="j_security_check">
        <p>Username: <input class="username"
            type="text"
            name="j_username"
            value="user1@caplin.com" />
        </p>
        <p>Password: <input class="password"
            type="password"
            name="j_password"
            value="password" />
        </p>
        <p><input type="submit"
            value="Login"
            name="submit" />
        </p>
    </form>

The above HTML creates a basic login page which submits a j_username and j_password, which are standardized names in the Java servlet specification.

Currently of course, people who enter the URL of this application would be directed to the default-aspect, whether they are logged in or not, as laid out in the table below:

URL Request Logical URL Aspect

http://localhost:7070/example-app

http://localhost:7070/example-app/default-aspect

default-aspect

http://localhost:7070/example-app/default

http://localhost:7070/example-app/default-aspect

default-aspect

http://localhost:7070/example-app/login

http://localhost:7070/example-app/login-aspect

login-aspect

What you need to do now, is ensure that any users who are not logged in, will have to do so before they can access the default-aspect of the application. You can do this by configuring a security constraint to the web.xml file in the WEB-INF folder.

4. Add security constraint config to web.xml

The following XML extract adds a security constraint named 'Login Section', which directs unauthorized users to /login. Only after the users have been authenticated, will they be able to get to their initial request location; i.e. /default-aspect.

The Jetty web server requires a realm-name value. BladeRunner has this internally defined as 'BladeRunnerLoginRealm'.

<security-role>
        <role-name>user</role-name>
    </security-role>

    <security-constraint>
        <web-resource-collection>
           <web-resource-name>Application</web-resource-name>
           <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>
    </security-constraint>

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Login Section</web-resource-name>
            <url-pattern>/login/*</url-pattern>
        </web-resource-collection>
    </security-constraint>

    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>BladeRunnerLoginRealm</realm-name>
        <form-login-config>
            <form-login-page>/login/</form-login-page>
            <form-error-page>/login/</form-error-page>
        </form-login-config>
    </login-config>

5. Restart BladeRunner and Access your Application

Stop the BladeRunner process, and then start it again from your command-line window, (using the command: bladerunner start).

If you go to a browser and enter the URL request for your application (http://localhost:7070/example-app), it should now redirect you to the login-aspect; http://localhost:7070/example-app/login.

Clicking the Login button will then take you through to your default-aspect.

Scenario: Create a Mobile Aspect

Aspects are not just for creating a login entry-point for your application though. You could also use an aspect to create a 'view' of your application to present to mobile or tablet devices.

A simple way of doing this would be to have the default-aspect contain logic to detect the browser agent , and then use that information to redirect tablets or mobile phones to a more "mobile-friendly" aspect of their application. The mobile-aspect would still have access to all the application bladesets, but may have an interface geared towards touch-screen devices, avoiding mouse-over features, but making use of touch gesture libraries, to give a richer user experience.