You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sling.apache.org by fm...@apache.org on 2010/02/05 10:56:46 UTC

svn commit: r906883 - /sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java

Author: fmeschbe
Date: Fri Feb  5 09:56:45 2010
New Revision: 906883

URL: http://svn.apache.org/viewvc?rev=906883&view=rev
Log:
Some comments ...

Modified:
    sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java

Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java?rev=906883&r1=906882&r2=906883&view=diff
==============================================================================
--- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java (original)
+++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java Fri Feb  5 09:56:45 2010
@@ -314,6 +314,11 @@
      *            authentication.
      * @param response The response object which may be used to send the information
      *            on the request failure to the user.
+     *
+     * @return <code>true</code> if request processing should continue assuming
+     *      successfull authentication. If <code>false</code> is returned it
+     *      is assumed a response has been sent to the client and the request
+     *      is terminated.
      */
     public boolean handleSecurity(HttpServletRequest request,
             HttpServletResponse response) {
@@ -516,7 +521,14 @@
         return null;
     }
 
-    /** Try to acquire an Session as indicated by authInfo */
+    /**
+     * Try to acquire an Session as indicated by authInfo
+     *
+     * @return <code>true</code> if request processing should continue assuming
+     *         successfull authentication. If <code>false</code> is returned it
+     *         is assumed a response has been sent to the client and the request
+     *         is terminated.
+     */
     private boolean getSession(final HttpServletRequest request,
             final HttpServletResponse response, final AuthenticationInfo authInfo) {
 
@@ -552,9 +564,9 @@
 
             }
 
-            // set the attributes for further processing
+            // no redirect desired, so continue processing by first setting
+            // the request attributes and then returning true
             setAttributes(session, authInfo.getAuthType(), request);
-
             return true;
 
         } catch (RepositoryException re) {