Re: [Acegisecurity-developer] Removal of Requirement for StatelessTicketCache on CasAuthenticationProvider
Ray, I committed it to the TRUNK. Anywhere else I should commit it? Such as the 1.0.x branch? I'd like to see it out in the next release (its something we can use in the CAS project since we use Acegi ;-)) Thanks -Scott Ray Krueger wrote: Number 3 above is generally the pattern followed in Acegi... private StatelessTicketCache statelessTicketCache = new NullStatelessTicketCache(); ...with a setter for it defining a custom implementation. I don't think that would be a big deal to change, though I'm unsure of it's role in the CAS stuff. I've never used our CAS support :) On 11/6/07, Scott Battaglia [EMAIL PROTECTED] wrote: Ben, Do you have any objections to removing the fact that a StatelessTicketCache is required for the CasAuthenticationProvider? Its only needed when a remoting protocol is used and requires every application to possibly have an unnecessary dependency on EhCache. We have three options: 1. Just turn off the check for the StatelessTicketCache (and wherever its called, also check for null) 2. Create a Stub/NoCacheStatelessTicketCache that is a shell to satisfy the dependency but still require people to configure it 3. Create the stub and have it be the default value in the CasAuthenticationProvider meaning that no configuration is required. Thoughts? Thanks -Scott -- Scott Battaglia Application Developer, Architecture Engineering Team Enterprise Systems and Services, Rutgers University v: 732.445.0097 | f: 732.445.5493 | [EMAIL PROTECTED] - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Removal of Requirement for StatelessTicketCache on CasAuthenticationProvider
Yes, it's used in core. It is the default backing for the UserCache. On 11/6/07, Scott Battaglia [EMAIL PROTECTED] wrote: The StatelessTicketCache is only used within the CAS support for the purpose of simulating sessions for stateless remote access. Normal CAS support does not require the StatelessTicketCache (in fact the CAS protocol doesn't really recommend you re-use the single use tickets ;-)). I'm okay with option 3 also. I'll create a JIRA issue and commit the code. Would we need to update our pom file? Is EhCache used for anything besides the CAS support within Acegi? Thanks -Scott Ray Krueger wrote: Number 3 above is generally the pattern followed in Acegi... private StatelessTicketCache statelessTicketCache = new NullStatelessTicketCache(); ...with a setter for it defining a custom implementation. I don't think that would be a big deal to change, though I'm unsure of it's role in the CAS stuff. I've never used our CAS support :) On 11/6/07, Scott Battaglia [EMAIL PROTECTED] wrote: Ben, Do you have any objections to removing the fact that a StatelessTicketCache is required for the CasAuthenticationProvider? Its only needed when a remoting protocol is used and requires every application to possibly have an unnecessary dependency on EhCache. We have three options: 1. Just turn off the check for the StatelessTicketCache (and wherever its called, also check for null) 2. Create a Stub/NoCacheStatelessTicketCache that is a shell to satisfy the dependency but still require people to configure it 3. Create the stub and have it be the default value in the CasAuthenticationProvider meaning that no configuration is required. Thoughts? Thanks -Scott -- Scott Battaglia Application Developer, Architecture Engineering Team Enterprise Systems and Services, Rutgers University v: 732.445.0097 | f: 732.445.5493 | [EMAIL PROTECTED] - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Removal of Requirement for StatelessTicketCache on CasAuthenticationProvider
I've created an issue and marked it for 1.0.6: http://opensource.atlassian.com/projects/spring/browse/SEC-592 Ray Krueger wrote: Number 3 above is generally the pattern followed in Acegi... private StatelessTicketCache statelessTicketCache = new NullStatelessTicketCache(); ...with a setter for it defining a custom implementation. I don't think that would be a big deal to change, though I'm unsure of it's role in the CAS stuff. I've never used our CAS support :) On 11/6/07, Scott Battaglia [EMAIL PROTECTED] wrote: Ben, Do you have any objections to removing the fact that a StatelessTicketCache is required for the CasAuthenticationProvider? Its only needed when a remoting protocol is used and requires every application to possibly have an unnecessary dependency on EhCache. We have three options: 1. Just turn off the check for the StatelessTicketCache (and wherever its called, also check for null) 2. Create a Stub/NoCacheStatelessTicketCache that is a shell to satisfy the dependency but still require people to configure it 3. Create the stub and have it be the default value in the CasAuthenticationProvider meaning that no configuration is required. Thoughts? Thanks -Scott -- Scott Battaglia Application Developer, Architecture Engineering Team Enterprise Systems and Services, Rutgers University v: 732.445.0097 | f: 732.445.5493 | [EMAIL PROTECTED] - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Removal of Requirement for StatelessTicketCache on CasAuthenticationProvider
The StatelessTicketCache is only used within the CAS support for the purpose of simulating sessions for stateless remote access. Normal CAS support does not require the StatelessTicketCache (in fact the CAS protocol doesn't really recommend you re-use the single use tickets ;-)). I'm okay with option 3 also. I'll create a JIRA issue and commit the code. Would we need to update our pom file? Is EhCache used for anything besides the CAS support within Acegi? Thanks -Scott Ray Krueger wrote: Number 3 above is generally the pattern followed in Acegi... private StatelessTicketCache statelessTicketCache = new NullStatelessTicketCache(); ...with a setter for it defining a custom implementation. I don't think that would be a big deal to change, though I'm unsure of it's role in the CAS stuff. I've never used our CAS support :) On 11/6/07, Scott Battaglia [EMAIL PROTECTED] wrote: Ben, Do you have any objections to removing the fact that a StatelessTicketCache is required for the CasAuthenticationProvider? Its only needed when a remoting protocol is used and requires every application to possibly have an unnecessary dependency on EhCache. We have three options: 1. Just turn off the check for the StatelessTicketCache (and wherever its called, also check for null) 2. Create a Stub/NoCacheStatelessTicketCache that is a shell to satisfy the dependency but still require people to configure it 3. Create the stub and have it be the default value in the CasAuthenticationProvider meaning that no configuration is required. Thoughts? Thanks -Scott -- Scott Battaglia Application Developer, Architecture Engineering Team Enterprise Systems and Services, Rutgers University v: 732.445.0097 | f: 732.445.5493 | [EMAIL PROTECTED] - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer