You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Carsten Ziegeler (JIRA)" <ji...@apache.org> on 2016/08/09 08:59:22 UTC
[jira] [Commented] (SLING-5792) API to manage Authentication
Requirement
[ https://issues.apache.org/jira/browse/SLING-5792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413232#comment-15413232 ]
Carsten Ziegeler commented on SLING-5792:
-----------------------------------------
[~anchela] Thanks for your patch, Angela.
I haven't looked in detail into the implementation, but some comments for the API / impl:
What should happen if the client bundle is stopped and does not explicitely remove the auth requirements, should they be removed nevertheless?
The new interface uses a ServiceReference as the key argument for the methods. I think we should not use OSGi objects as keys. I'm not sure about the best way to solve this. Simplest solution would be a String and the client can make up such a key. The implementation could internally use a ServiceFactory which means that it knows the bundle of the client calling the method and therefore it can internally use the provided string key and the bundle id to make a unique key (avoid clashes across bundles using the same key). Or maybe no key argument at all, and each bundle is regarded as a single client. Especially ServiceReference is not a good key as it changes when the bundle containing the service is restarted.
> API to manage Authentication Requirement
> ----------------------------------------
>
> Key: SLING-5792
> URL: https://issues.apache.org/jira/browse/SLING-5792
> Project: Sling
> Issue Type: Sub-task
> Components: Authentication
> Reporter: angela
>
> Apart from the constant {{AuthConstants.AUTH_REQUIREMENTS}} there is no public API available that allowed applications to change the list of authentication requirement entries.
> Instead, applications need to know and rely on implementation details, which not only includes registering services with the {{AuthConstants.AUTH_REQUIREMENTS}} property included but also know about the required format of the property, which from my point of view should be and remain an implementation detail of {{org.apache.sling.auth.core.impl.SlingAuthenticator}}, which IMO should not be considered public API.
> To me it would feel more natural if there existed a {{AuthenticationRequirement}} interface defining methods to extend/update/clear the auth-requirements bound to a particular service reference and having {{org.apache.sling.auth.core.impl.SlingAuthenticator}} implementing that interface.
> Doing so, might also be beneficial from a performance/scalability POV but I would like to cover that in a separate sub-task.
> Proposal for this sub-tasks will follow as I am moving forward.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)