You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by Ziv Horesh <zh...@gmail.com> on 2010/03/10 23:52:43 UTC
Authen token parsing
Currently authentication token in Shindig is being parsed as part of
AuthenticationServletFilter.
The filter stuff the token in the AuthInfo class, so it can be used later.
So at this point the token is being parsed weather it is being used or not.
We suggest to improve that by deferring the parsing to the time it actually
being used the first time.
Basically AuthInfo instead of holding the token will store a proxy for the
token that will do the parsing as needed.
Currently the servlet filter support a special case of redirecting request
as a result oof token parsing.
I don't think this feature is being used by Shindig at this point.
Token parsing deferral will stop supporting token redirection.
Does anyone know if this feature is used anywhere?
Is it really needed or can we obsolete it?
Any opinion will be appricated.
Thanks
Ziv
Re: Authen token parsing
Posted by Paul Lindner <li...@inuus.com>.
I'm not aware of any feature using redirects based on token parsing. Can you
point to the code that does this?
Also, it would be instructive to know the percentage of requests where a
token is parsed but not used. Do you have any stats?
On Wed, Mar 10, 2010 at 3:52 PM, Ziv Horesh <zh...@gmail.com> wrote:
> Currently authentication token in Shindig is being parsed as part of
> AuthenticationServletFilter.
> The filter stuff the token in the AuthInfo class, so it can be used later.
> So at this point the token is being parsed weather it is being used or not.
>
> We suggest to improve that by deferring the parsing to the time it actually
> being used the first time.
> Basically AuthInfo instead of holding the token will store a proxy for the
> token that will do the parsing as needed.
>
> Currently the servlet filter support a special case of redirecting request
> as a result oof token parsing.
> I don't think this feature is being used by Shindig at this point.
>
> Token parsing deferral will stop supporting token redirection.
> Does anyone know if this feature is used anywhere?
> Is it really needed or can we obsolete it?
>
> Any opinion will be appricated.
>
> Thanks
> Ziv
>