You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Felix Meschberger (JIRA)" <ji...@apache.org> on 2009/12/15 16:05:18 UTC
[jira] Created: (SLING-1240) Allow configuration of URL space open
without credentials
Allow configuration of URL space open without credentials
---------------------------------------------------------
Key: SLING-1240
URL: https://issues.apache.org/jira/browse/SLING-1240
Project: Sling
Issue Type: Improvement
Components: Engine
Affects Versions: Engine 2.0.6
Reporter: Felix Meschberger
Currently the SlingAuthenticator has a single flag -- auth.annonymous -- defining whether anonymous access is allowed or not.
To allow for more flexibility it would be interesting to be able to partition the URL space into areas requiring authentication and ares not requiring authentication. As such the current situation just has a single area -- the complete URL space -- which may be configured to require authentication or not.
Such configuration may be of different form:
* authentication handler declaring part of the URL space as requiring authentication
* SlingAuthenticator configuration listing regular expressions to partition the URL space into authentication requiring areas.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1240) Allow configuration of URL space
open without credentials
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1240?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12791229#action_12791229 ]
Felix Meschberger commented on SLING-1240:
------------------------------------------
This might probably also make sense, yes.
To be sure, I don't have a patch right now, this is just a conceptual idea (or functional requirement) right now to follow up on ... So everything is still open for discussion and extension.
In any case, we must make sure to provide a backwards compatible way for the current "global" setup, but even with adding methods to the configuration, this is still possible: The current "global" configuration just applies to all URLs with any request method.
> Allow configuration of URL space open without credentials
> ---------------------------------------------------------
>
> Key: SLING-1240
> URL: https://issues.apache.org/jira/browse/SLING-1240
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
>
> Currently the SlingAuthenticator has a single flag -- auth.annonymous -- defining whether anonymous access is allowed or not.
> To allow for more flexibility it would be interesting to be able to partition the URL space into areas requiring authentication and ares not requiring authentication. As such the current situation just has a single area -- the complete URL space -- which may be configured to require authentication or not.
> Such configuration may be of different form:
> * authentication handler declaring part of the URL space as requiring authentication
> * SlingAuthenticator configuration listing regular expressions to partition the URL space into authentication requiring areas.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1240) Allow configuration of URL space
open without credentials
Posted by "Justin Edelson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1240?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12790800#action_12790800 ]
Justin Edelson commented on SLING-1240:
---------------------------------------
Random thought - Does it make sense to include method as part of the configuration?
> Allow configuration of URL space open without credentials
> ---------------------------------------------------------
>
> Key: SLING-1240
> URL: https://issues.apache.org/jira/browse/SLING-1240
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
>
> Currently the SlingAuthenticator has a single flag -- auth.annonymous -- defining whether anonymous access is allowed or not.
> To allow for more flexibility it would be interesting to be able to partition the URL space into areas requiring authentication and ares not requiring authentication. As such the current situation just has a single area -- the complete URL space -- which may be configured to require authentication or not.
> Such configuration may be of different form:
> * authentication handler declaring part of the URL space as requiring authentication
> * SlingAuthenticator configuration listing regular expressions to partition the URL space into authentication requiring areas.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (SLING-1240) Allow configuration of URL space open
without credentials
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1240?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger closed SLING-1240.
------------------------------------
Nothing more to do here. Close this.
> Allow configuration of URL space open without credentials
> ---------------------------------------------------------
>
> Key: SLING-1240
> URL: https://issues.apache.org/jira/browse/SLING-1240
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
>
> Currently the SlingAuthenticator has a single flag -- auth.annonymous -- defining whether anonymous access is allowed or not.
> To allow for more flexibility it would be interesting to be able to partition the URL space into areas requiring authentication and ares not requiring authentication. As such the current situation just has a single area -- the complete URL space -- which may be configured to require authentication or not.
> Such configuration may be of different form:
> * authentication handler declaring part of the URL space as requiring authentication
> * SlingAuthenticator configuration listing regular expressions to partition the URL space into authentication requiring areas.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SLING-1240) Allow configuration of URL space
open without credentials
Posted by "Bertrand Delacretaz (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1240?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12791265#action_12791265 ]
Bertrand Delacretaz commented on SLING-1240:
--------------------------------------------
Good idea to include methods, and maybe protocol (http/https) as well?
> Allow configuration of URL space open without credentials
> ---------------------------------------------------------
>
> Key: SLING-1240
> URL: https://issues.apache.org/jira/browse/SLING-1240
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
>
> Currently the SlingAuthenticator has a single flag -- auth.annonymous -- defining whether anonymous access is allowed or not.
> To allow for more flexibility it would be interesting to be able to partition the URL space into areas requiring authentication and ares not requiring authentication. As such the current situation just has a single area -- the complete URL space -- which may be configured to require authentication or not.
> Such configuration may be of different form:
> * authentication handler declaring part of the URL space as requiring authentication
> * SlingAuthenticator configuration listing regular expressions to partition the URL space into authentication requiring areas.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SLING-1240) Allow configuration of URL space open
without credentials
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SLING-1240?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Felix Meschberger resolved SLING-1240.
--------------------------------------
Assignee: Felix Meschberger
Resolution: Duplicate
Resolving as duplicate of SLING-966 without an actual fix version.
> Allow configuration of URL space open without credentials
> ---------------------------------------------------------
>
> Key: SLING-1240
> URL: https://issues.apache.org/jira/browse/SLING-1240
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
>
> Currently the SlingAuthenticator has a single flag -- auth.annonymous -- defining whether anonymous access is allowed or not.
> To allow for more flexibility it would be interesting to be able to partition the URL space into areas requiring authentication and ares not requiring authentication. As such the current situation just has a single area -- the complete URL space -- which may be configured to require authentication or not.
> Such configuration may be of different form:
> * authentication handler declaring part of the URL space as requiring authentication
> * SlingAuthenticator configuration listing regular expressions to partition the URL space into authentication requiring areas.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.