You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by fm...@apache.org on 2010/02/05 10:56:46 UTC
svn commit: r906883 -
/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java
Author: fmeschbe
Date: Fri Feb 5 09:56:45 2010
New Revision: 906883
URL: http://svn.apache.org/viewvc?rev=906883&view=rev
Log:
Some comments ...
Modified:
sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java
Modified: sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java?rev=906883&r1=906882&r2=906883&view=diff
==============================================================================
--- sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java (original)
+++ sling/trunk/bundles/commons/auth/src/main/java/org/apache/sling/commons/auth/impl/SlingAuthenticator.java Fri Feb 5 09:56:45 2010
@@ -314,6 +314,11 @@
* authentication.
* @param response The response object which may be used to send the information
* on the request failure to the user.
+ *
+ * @return <code>true</code> if request processing should continue assuming
+ * successfull authentication. If <code>false</code> is returned it
+ * is assumed a response has been sent to the client and the request
+ * is terminated.
*/
public boolean handleSecurity(HttpServletRequest request,
HttpServletResponse response) {
@@ -516,7 +521,14 @@
return null;
}
- /** Try to acquire an Session as indicated by authInfo */
+ /**
+ * Try to acquire an Session as indicated by authInfo
+ *
+ * @return <code>true</code> if request processing should continue assuming
+ * successfull authentication. If <code>false</code> is returned it
+ * is assumed a response has been sent to the client and the request
+ * is terminated.
+ */
private boolean getSession(final HttpServletRequest request,
final HttpServletResponse response, final AuthenticationInfo authInfo) {
@@ -552,9 +564,9 @@
}
- // set the attributes for further processing
+ // no redirect desired, so continue processing by first setting
+ // the request attributes and then returning true
setAttributes(session, authInfo.getAuthType(), request);
-
return true;
} catch (RepositoryException re) {