On Tue, Feb 14, 2012 at 10:14 PM, Sameera Jayasoma <same...@wso2.com> wrote:
> https://wso2.org/jira/browse/CARBON-12378 > > Thanks, > Sameera. > > > On Tue, Feb 14, 2012 at 9:50 PM, Amila Jayasekara <ami...@wso2.com> wrote: > >> On Tue, Feb 14, 2012 at 9:32 PM, Sameera Jayasoma <same...@wso2.com> >> wrote: >> > Hi Amila, >> > >> > +1 for the proposed changes. Please see my comments below. >> > >> > On Tue, Feb 14, 2012 at 3:22 PM, Amila Jayasekara <ami...@wso2.com> >> wrote: >> >> >> >> Hi All, >> >> >> >> We had a review discussion on Carbon Authenticators and following are >> >> the review notes. >> >> >> >> 1. There are some common logic that should be implemented in every >> >> authenticator. Currently invoking this logic is duplicated among >> >> authenticators. So to avoid that we are planning to come up with an >> >> abstract Authenticator implementation. >> >> 2. As per now AuthenticationHandler first invokes AuthenticationAdmin >> >> and then it calls chain of authenticators. The AuthenticationAdmin >> >> call is not necessary. We need to refactor code in such a way that >> >> authenticator it self will only handle authenticating logic (Rather >> >> than within the Handler). >> >> 3. Properly implement authenticator chaining pattern. Make use >> >> “isHandle”, “priority”, “isAuthenticated” methods and make only >> >> authenticator aware about the logic. >> >> 4. After cleaning up the API, implement “Basic Auth” authenticator. >> >> (As first step) >> > >> > >> > 5. Cleanup Carbon.UI framework to improve the plugability of custom >> > authenticators. I recently wrote an authenticator, but I had to hard >> code >> > some URLs in the CarbonSecurityHttpContext class. Please have a look at >> the >> > following method in this class. >> > >> > private boolean skipSSOSessionInvalidation(String requestedURI) { >> > boolean skipSessionInvalidation = false; >> > if ((requestedURI.indexOf("/samlsso") > -1) >> > || (requestedURI.indexOf("sso-saml/login.jsp") > -1) >> > || >> > (requestedURI.indexOf("stratos-sso/login_ajaxprocessor.jsp") > -1) >> > || >> > (requestedURI.indexOf("sso-saml/redirect_ajaxprocessor.jsp") > -1) >> > || >> > (requestedURI.indexOf("stratos-sso/redirect_ajaxprocessor.jsp") > -1) >> > || >> > (requestedURI.indexOf("sso-acs/redirect_ajaxprocessor.jsp") > -1) >> > || >> > (requestedURI.indexOf("stratos-auth/redirect_ajaxprocessor.jsp") > -1)) >> { >> > skipSessionInvalidation = true; >> > } >> > return skipSessionInvalidation; >> > } >> > >> > As a part of this effort, lets refactor this bit of code as well. >> > I have looked into this already, I will come up with set of handler implementations(same as axis2 handlers) to clean up that lengthy method. We will discuss once I am done with the code. Thank you. > >> +1. Will take above into consideration as well. If possible please >> create a carbon Jira and assigned to me. >> >> Thanks >> AmilaJ >> >> > >> > Thanks, >> > Sameera. >> > >> >> >> >> Thanks >> >> AmilaJ >> >> >> >> -- >> >> Mobile : +94773330538 >> >> >> >> _______________________________________________ >> >> Carbon-dev mailing list >> >> Carbon-dev@wso2.org >> >> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> > >> > >> > >> > >> > -- >> > Sameera Jayasoma >> > Technical Lead and Product Manager, WSO2 Carbon >> > >> > WSO2, Inc. (http://wso2.com) >> > email: same...@wso2.com >> > blog: http://tech.jayasoma.org >> > >> > >> > Lean . Enterprise . Middleware >> > >> > _______________________________________________ >> > Carbon-dev mailing list >> > Carbon-dev@wso2.org >> > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> > >> >> >> >> -- >> Mobile : +94773330538 >> _______________________________________________ >> Carbon-dev mailing list >> Carbon-dev@wso2.org >> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> > > > > -- > Sameera Jayasoma > Technical Lead and Product Manager, WSO2 Carbon > > WSO2, Inc. (http://wso2.com) > email: same...@wso2.com > blog: http://tech.jayasoma.org > > Lean . Enterprise . Middleware > > _______________________________________________ > Carbon-dev mailing list > Carbon-dev@wso2.org > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- Manjula Rathnayaka Software Engineer WSO2, Inc. Mobile:+94 77 743 1987
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
