[
https://issues.apache.org/jira/browse/JCR-3222?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jukka Zitting updated JCR-3222:
-------------------------------
Attachment: 0001-JCR-3222-Allow-servlet-filters-to-specify-custom-ses.patch
> But I don't like this -- special case handling affecting all but used by one
> only.
You don't have the same concern about injecting the ResourceResolver instance
as a request attribute? Just like the OSGi service space, the attributes
support in servlet requests (or servlet context, etc.) is a whiteboard shared
by multiple providers and consumers. Why would adding a properly namespaced
attribute affect anyone but the consumer of that attribute?
Additionally, the AuthHttpContext class in the Sling davex bundle is already
designed specifically for the needs of the davex servlet (it needs to interpret
the workspace part of the URL). So I don't see how this would affect anyone but
the davex servlet.
Anyway, I guess we should simply allow both approaches and let downstream users
decide which mechanism they want to use.
PS. Sorry about uploading the wrong file above... :-) I've uploaded the actual
patch.
> Allow servlet filters to specify custom session providers
> ---------------------------------------------------------
>
> Key: JCR-3222
> URL: https://issues.apache.org/jira/browse/JCR-3222
> Project: Jackrabbit Content Repository
> Issue Type: Improvement
> Components: jackrabbit-jcr-server
> Reporter: Jukka Zitting
> Priority: Minor
> Attachments:
> 0001-JCR-3222-Allow-servlet-filters-to-specify-custom-ses.patch,
> JCR-3222-fmeschbe.patch, jackrabbit-jcr-server-2.6-SNAPSHOT.jar
>
>
> In order to integrate the Jackrabbit davex server functionality with their
> custom authentication logic, the Sling project currently needs to embed and
> subclass the davex servlet classes. It would be cleaner if such tight
> coupling wasn't needed.
> One way to achieve something like that would be to allow external components
> to provide a custom SessionProvider instance as an extra request attribute.
> This way for example a servlet filter that implements such custom
> authentication logic could easily make its functionality available to the
> standard davex servlet in Jackrabbit.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
