« The unbiased collect... | Main | Longest trip to the... »

Pluggable comment authentication in Roller

A number of people have asked for some form of comment authentication in Roller. On blogs.sun.com, John Hoffman added a simple math test. If you want to leave a comment on blogs.sun.com, you have to be able to add. Other users have asked that only registered users be able to leave comments, some have asked for capchas, and some have asked for TypeKey support. To accomodate all of these forms of comment authentication, I introduced an interface called CommentAuthenticator. It looks like this:

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.velocity.context.Context;
import org.roller.pojos.CommentData;

public interface CommentAuthenticator
{
    public String getHtml(
                        Context context,
                        HttpServletRequest request, 
                        HttpServletResponse response);

    public boolean authenticate(
                        CommentData comment,
                        HttpServletRequest request);
}

I created a DefaultCommentAuthenticator, which does nothing: getHtml() returns and empty string and authenticate() always returns true. So, by default, Roller does no comment authentication. I also created a MathCommentAuthenticator which, like Hoffman's comment form on blogs.sun.com, asks a simple addition question.

If you want to change the way that Roller does authentication, you implement this interface. In the getHtml() method, you get a Velocity context, a request, and a response. This is your chance to add some HTML to the Roller comment form. For example, in the math authenticator, this is where I put the math question and the HTML <inpuyt> tag for the answer. In the authenticate() method, you get the comment that is to be authenticated and the request, so you can pull out any parameters you have have added the form. For example, I grab the answer to the math question from a request parameter named answer. To enable your new authenticator, put it in the Roller classpath and change the value of the org.roller.commentAuthenticator init parameter in Roller's web.xml.

Several people have asked for comment moderation (as seen on Russell's blog). I'm tracking that request as ROL-492, but it is probably not going to make it into Roller 0.9.9.5.

Comments:

See my comments at http://blogs.sun.com/pat/20041018#feedback_on_pluggable_comment_authentication

Posted by Patrick Chanezon on October 18, 2004 at 07:49 AM EDT #

Nice work, Dave. If you (or any hackers who are interested) want any more docs on TypeKey or want to look at sample code in PHP or Perl to compare with, we'd love to see TypeKey support added using this new interface.

Posted by Anil on October 21, 2004 at 12:10 AM EDT #

Post a Comment:
  • HTML Syntax: NOT allowed

« The unbiased collect... | Main | Longest trip to the... »

Welcome

This is just one entry in the weblog Blogging Roller. You may want to visit the main page of the weblog

Related entries

Below are the most recent entries in the category Roller, some may be related to this entry.