You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cocoon.apache.org by "Steven Dolg (JIRA)" <ji...@apache.org> on 2009/04/30 13:44:30 UTC

[jira] Updated: (COCOON3-35) Support access to URLs that require authentication.

     [ https://issues.apache.org/jira/browse/COCOON3-35?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Steven Dolg updated COCOON3-35:
-------------------------------

    Attachment: authentication.patch

I have created a small patch that demonstrates how authentication could be integrated into our PipelineComponents (without changing much).

To supply a user and password you have to use the format
    <protocol>://<user>:<password>@<host>:<port>/<url-path>

(See http://tools.ietf.org/html/rfc1738#section-3.1 for details).

Using this for all components basically means changing how the URLConnection is obtained.
Not a very interesting task, but easily done.


However there is a downside to this:
Using the sun.misc.BASE64Encoder is potentially dangerous (changes in the API, etc.) and will probably not work with JREs from other vendors.
But there is also the "Pipeline does not have external dependencies" policy which would be nice to keep up.
Maybe we can introduce an optional dependency for that (like commons-codec).


There is also the java.net.Authenticator, which can basically provide the same functionality (without a dependency to sun... classes), however in my tests it did not work with redirects.

Maybe someone else has some opinions/experience with that...

> Support access to URLs that require authentication.
> ---------------------------------------------------
>
>                 Key: COCOON3-35
>                 URL: https://issues.apache.org/jira/browse/COCOON3-35
>             Project: Cocoon 3
>          Issue Type: New Feature
>          Components: cocoon-sax, cocoon-stax, cocoon-stringtemplate
>    Affects Versions: 3.0.0-alpha-1
>            Reporter: Steven Dolg
>            Assignee: Cocoon Developers Team
>            Priority: Minor
>             Fix For: 3.0.0-alpha-2
>
>         Attachments: authentication.patch
>
>
> Currently our pipeline components cannot access URLs that require authentication.
> While it is possible to create specialized versions of each component and add authentication there, it shouldn't be too difficult to support this feature in every pipeline component we currently have.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.