[jira] [Assigned] (JCR-3164) Add minimal maintenance API to TokenBasedAuthentication

["angela (Assigned) (JIRA)" <ji...@apache.org>]

     [ https://issues.apache.org/jira/browse/JCR-3164?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

angela reassigned JCR-3164:
---------------------------

    Assignee: angela

hi felix

i have a major refactoring of the internal token handing in
progress... unfortunately it's not realistic any more for 2.4 (for reasons you are perfectly aware of, aren't you?).

i would therefore not spent too much effort in such an API at this moment.

what i would propose you to use for the time being is:
TokenBasedAuthentication.getTokenNode(TokenCredentials, Session) and take care of the node removal youself.
                
> Add minimal maintenance API to TokenBasedAuthentication
> -------------------------------------------------------
>
>                 Key: JCR-3164
>                 URL: https://issues.apache.org/jira/browse/JCR-3164
>             Project: Jackrabbit Content Repository
>          Issue Type: Improvement
>          Components: jackrabbit-core
>    Affects Versions: 2.3.4
>            Reporter: Felix Meschberger
>            Assignee: angela
>
> Currently the TokenBasedAuthentication class creates token nodes on demand and will only remove a token's node if the token is used after it has expired. To be able to do some token maintenance in down stream code (for example in a Sling Authentication Handler), some maintenance API would be helpful:
>   String createToken(String username, long initialExpiry, Session session) throws RepositoryException;
>   void removeToken(String token, Session session) throws RepositoryException;
> Will attach a proposed patch.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira