[ https://issues.apache.org/jira/browse/JCR-3222?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jukka Zitting updated JCR-3222: ------------------------------- Attachment: 0001-JCR-3222-Allow-servlet-filters-to-specify-custom-ses.patch > But I don't like this -- special case handling affecting all but used by one > only. You don't have the same concern about injecting the ResourceResolver instance as a request attribute? Just like the OSGi service space, the attributes support in servlet requests (or servlet context, etc.) is a whiteboard shared by multiple providers and consumers. Why would adding a properly namespaced attribute affect anyone but the consumer of that attribute? Additionally, the AuthHttpContext class in the Sling davex bundle is already designed specifically for the needs of the davex servlet (it needs to interpret the workspace part of the URL). So I don't see how this would affect anyone but the davex servlet. Anyway, I guess we should simply allow both approaches and let downstream users decide which mechanism they want to use. PS. Sorry about uploading the wrong file above... :-) I've uploaded the actual patch. > Allow servlet filters to specify custom session providers > --------------------------------------------------------- > > Key: JCR-3222 > URL: https://issues.apache.org/jira/browse/JCR-3222 > Project: Jackrabbit Content Repository > Issue Type: Improvement > Components: jackrabbit-jcr-server > Reporter: Jukka Zitting > Priority: Minor > Attachments: > 0001-JCR-3222-Allow-servlet-filters-to-specify-custom-ses.patch, > JCR-3222-fmeschbe.patch, jackrabbit-jcr-server-2.6-SNAPSHOT.jar > > > In order to integrate the Jackrabbit davex server functionality with their > custom authentication logic, the Sling project currently needs to embed and > subclass the davex servlet classes. It would be cleaner if such tight > coupling wasn't needed. > One way to achieve something like that would be to allow external components > to provide a custom SessionProvider instance as an extra request attribute. > This way for example a servlet filter that implements such custom > authentication logic could easily make its functionality available to the > standard davex servlet in Jackrabbit. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira