You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by spmallette <gi...@git.apache.org> on 2017/03/25 10:32:47 UTC

[GitHub] tinkerpop issue #583: TINKERPOP-1657 Provide abstraction to easily allow dif...

Github user spmallette commented on the issue:

    https://github.com/apache/tinkerpop/pull/583
  
    Hi and thanks for contributing. In general, I like the concept of this pull request, but I have some thoughts to share to get us both on the same page. I'd thought about doing this when we first decided to get authentication in place. I opted not to do it for at least a couple reasons that I can remember:
    
    1. The `Channelizer` abstraction might be enough of an abstraction. It's not complex by any means - the core of `HttpChannelizer` is 20 lines of easily readable code. If someone doesn't want basic auth, then just write a new `Channelizer` and done. Personally, I'm not sure I want to see us expand different kinds of HTTP  auth in TinkerPop so `HttpChannelizer` with basic auth seems good enough.
    2. The configuration system required further pollution of the root of the configuration file. It bugs me that we don't have `Channelizer` specific configurations - e.g. you had to add `httpAuthHandlerClassName` to `Settings` and that value has nothing to do with anything other than `HttpChannelizer`. If you were configured for web sockets it would just be ignored. Not saying that we don't have that issue at hand now (as I think we do), but I didn't want to continue to proliferate it.
    
    Anyway, I'd had it in my mind that solving 2 would make 1 more palatable as something to do, but 2 hasn't come around yet and unless there is a neat way to do it, it will come in as a breaking change to the Gremlin Server configuration file. 
    
    So that's the basic history on this direction for auth configuration - thoughts?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---