You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/04/03 15:38:41 UTC
[jira] [Commented] (TINKERPOP-1657) Provide abstraction to easily
allow different HttpAuth schemes
[ https://issues.apache.org/jira/browse/TINKERPOP-1657?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15953681#comment-15953681 ]
ASF GitHub Bot commented on TINKERPOP-1657:
-------------------------------------------
Github user spmallette commented on the issue:
https://github.com/apache/tinkerpop/pull/583
@robertdale i'm glad you're thinking at that level wrt to security aspects of Gremlin Server. My understanding of SSL beyond what I've implemented so far is pretty weak, so if you have additional ideas there that would make things better that would be great. I can't say if this PR helps with what you described. My understanding of your comment makes me feel like it doesn't help directly and that the current way to do that would be a fresh `Channelizer` implementation, but I could be missing something.
> Provide abstraction to easily allow different HttpAuth schemes
> --------------------------------------------------------------
>
> Key: TINKERPOP-1657
> URL: https://issues.apache.org/jira/browse/TINKERPOP-1657
> Project: TinkerPop
> Issue Type: Improvement
> Components: server
> Reporter: Keith Lohnes
>
> The current HttpChannelizer allows for extension through an Authenticator class supplied through the authorization settings. There isn't, however, an extension point for an authentication handler. Currently the choice is between the `AllowAllAuthenticator` or the `HttpBasicAuthenticationHandler`. One would need to create a new channelizer where the HttpChannelizer would suffice. Creating an abstract class that can be extended would make it easier to extend Authentication for things like token authentication schemes.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)