You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jackrabbit.apache.org by "Jukka Zitting (JIRA)" <ji...@apache.org> on 2013/07/30 11:31:50 UTC

[jira] [Commented] (JCR-3634) New method: JackrabbitRepository.login(Credentials, Map)

    [ https://issues.apache.org/jira/browse/JCR-3634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13723620#comment-13723620 ] 

Jukka Zitting commented on JCR-3634:
------------------------------------

I'd rather keep the explicit workspace argument, with null for the default workspace like in the existing login() methods.

Also, I'd avoid overloading the credentials attributes for this. If an attributes map is passed to the proposed method, they are taken to apply to the session being created, not to the credentials being passed. The approach of using credential attributes to pass session parameters is IMHO not semantically correct. Something like the mentioned auto-refresh mode has nothing to do with access credentials. And the proposed definition leaves something like login(new GuestCredentials(), Collections.singletonMap("AutoRefresh", true)) undefined, as GuestCredentials does not support attributes.

Instead I'd define the method as follows:

    /** 
     * Equivalent to {@code login(credentials, workspaceName)} except that the returned
     * Session instance contains the given extra session attributes in addition to any
     * included in the given Credentials instance.
     * <p>
     * The attributes are implementation-specific and may affect the behavior of the returned
     * session. Unlike credentials attributes, these separately passed session attributes
     * are guaranteed not to affect the authentication of the client.
     * <p>
     * An implementation that does not support a particular session attribute is expected
     * to ignore it and not make it available through the returned session. A client that
     * depends on specific behavior defined by a particular attribute can check whether
     * the returned session contains that attribute to verify whether the underlying
     * repository implementation supports that feature.
     *
     * @param credentials the credentials of the user
     * @param workspaceName the name of a workspace
     * @param attributes implementation-specific session attributes
     * @return a valid session for the user to access the repository
     * @throws LoginException if authentication or authorization for the specified workspace fails
     * @throws NoSuchWorkspaceException if the specified workspace is not recognized
     * @throws RepositoryException if another error occurs
     */
    Session login(Credentials credentials, String workspaceName, Map<String, Object> attributes)
        throws LoginException, NoSuchWorkspaceException, RepositoryException;

Note the last paragraph of the definition, which allows the following naive default implementation:

    public Session login(Credentials credentials, String workspaceName, Map<String, Object> attributes)
            throws LoginException, NoSuchWorkspaceException, RepositoryException {
        return login(credentials, workspaceName);
    }

                
> New method: JackrabbitRepository.login(Credentials, Map<String, Object>)
> ------------------------------------------------------------------------
>
>                 Key: JCR-3634
>                 URL: https://issues.apache.org/jira/browse/JCR-3634
>             Project: Jackrabbit Content Repository
>          Issue Type: New Feature
>          Components: jackrabbit-api
>    Affects Versions: 2.7.1
>            Reporter: Michael Dürig
>
> As discussed [1] we need a way for passing session attributes on login without having to fall back to credentials. The latter might not support credentials or not be present at all when authentication is handled externally.
> I suggest to add the following method to JackrabbitRepository:
> /**
>  * Equivalent to <code>login(credentials, workspace)</code> where
>  * <ul>
>  *     <li><code>workspace = attributes.get(ATT_WORKSPACE_NAME)</code>,</li>
>  *     <li><code>credentials</code> carry all and only the attributes passed
>  *     through the <code>attributes</code> map.</li>
>  * </ul>
>  *
>  * @param credentials  the credentials of the user
>  * @param attributes   the attributes to put into the session
>  * @return a valid session for the user to access the repository.
>  * @throws javax.jcr.LoginException  if authentication or authorization for the
>  *     specified workspace fails.
>  * @throws javax.jcr.NoSuchWorkspaceException  if the specified workspace is not recognized.
>  * @throws javax.jcr.RepositoryException  if another error occurs.
>  */
> Session login(Credentials credentials, Map<String, Object> attributes);
> See also OAK-803 for some more background.
> [1] http://markmail.org/message/lwhpglehee3jgpip

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira