You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Mike Müller (JIRA)" <ji...@apache.org> on 2010/01/26 00:06:34 UTC
[jira] Commented: (SLING-1314) Add support for login feedback from
Authenticator to authentication handler
[ https://issues.apache.org/jira/browse/SLING-1314?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12804776#action_12804776 ]
Mike Müller commented on SLING-1314:
------------------------------------
I agree on the possible need of knowing the outcome of authentication after providing authentication credentials.
But I think it's not very natural to register for the feedback on the returning AuthenticationInfo object. IMHO AuthenticationInfo should be just what the name promises - a plain data object.
Maybe we could insert this functionality by extend the new AuthenticationHandlers interface (the decision to make it independent of the old AuthenticationHandlers also was driven by the possibility of future add-ons).
My second proposal (which I would prefer) would be to create the new proposed AuthenticationFeedbackHandler interface and similar to the AuthenticationHandler give the possibility to register it as service on a given path. So a AuthenticationHandler can register himself also as AuthenticationFeedbackHandler in the same step (if needed). If no AuthenticationFeedbackHandler is registered at a given path the default AuthenticationFeedbackHandler will be taken which would implement the default behavour.
> Add support for login feedback from Authenticator to authentication handler
> ---------------------------------------------------------------------------
>
> Key: SLING-1314
> URL: https://issues.apache.org/jira/browse/SLING-1314
> Project: Sling
> Issue Type: New Feature
> Components: Commons
> Reporter: Felix Meschberger
>
> There might be situations (or AuthenticationHandlers, actually), desiring to get feedback on the outcome of authentication after providing authentication credentials. At the moment this "feedback" is limited to the case of failed login when the SlingAuthenticator calls back into the AuthenticationHandler to request credentials. But this is only indirect feedback in the failure case.
> I propose to extend the feedback transfer as follows:
> * Add AuthenticationFeedbackHandler interface with two methods:
> // called if authentication failed, handler is not expected to send response
> // since SlingAuthenticator will call requestCredentials
> void authenticationFailed(HttpServletRequest, HttpServletResponse, AuthenticationInfo)
> // called if authentication succeeded, handler may write into the response
> // particularly setting a cookie or the like is possible here
> void authenticationSucceeded(HttpServletRequest, HttpServletResponse, AuthenticationInfo)
> * Add two methods to the AuthenticationInfo class to pass in a feedback handler:
> // May be called by the AuthenticationHandler to request feedback on the authentication
> void setAuthenticationFeedbackHandler(AuthenticationFeedbackHandler)
> // forward to configured feedback handler, ignored if none
> void authenticationFailed(HttpServletRequest, HttpServletResponse)
> // forward to configured feedback handler or handle redirect request if none
> void authenticationSucceeded(HttpServletRequest, HttpServletResponse)
> * SlingAuthenticator calls the new AuthenticationInfo methods on success or failure after login
> * The default behaviour of the AuthenticationInfo.authenticationSucceeded is to redirect to a desired target. This moves the SlingAuthenticator.handleRedirect method to a (probably) new static method, which is called by the AuthenticationInfo class and which may also be called by any implementation of the AuthenticationFeedbackHandler.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.