[
https://issues.apache.org/jira/browse/JCR-3634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13723679#comment-13723679
]
Jukka Zitting commented on JCR-3634:
------------------------------------
> Which attribute would take precedence in your case when there is a conflict
> between the ones one the Credential instance and the explicitly passed ones?
Good point. We can make that explicit with something like: "Attributes included
in or implied by the credentials instance override those in the attributes
map." Such precedence is not ideal (I'd prefer it to be the other way around),
but probably necessary for backwards compatibility with the mentioned naive
default implementation and avoids confusion with cases like token
authentication where credential attributes are included in the authentication
process.
> For the next version of the standard, maybe we should consider adding this
> method?
Yes. Defining and using it first in JackrabbitRepository makes a strong
rationale for including it in the JCR spec.
> New method: JackrabbitRepository.login(Credentials, Map<String, Object>)
> ------------------------------------------------------------------------
>
> Key: JCR-3634
> URL: https://issues.apache.org/jira/browse/JCR-3634
> Project: Jackrabbit Content Repository
> Issue Type: New Feature
> Components: jackrabbit-api
> Affects Versions: 2.7.1
> Reporter: Michael Dürig
>
> As discussed [1] we need a way for passing session attributes on login
> without having to fall back to credentials. The latter might not support
> credentials or not be present at all when authentication is handled
> externally.
> I suggest to add the following method to JackrabbitRepository:
> /**
> * Equivalent to <code>login(credentials, workspace)</code> where
> * <ul>
> * <li><code>workspace = attributes.get(ATT_WORKSPACE_NAME)</code>,</li>
> * <li><code>credentials</code> carry all and only the attributes passed
> * through the <code>attributes</code> map.</li>
> * </ul>
> *
> * @param credentials the credentials of the user
> * @param attributes the attributes to put into the session
> * @return a valid session for the user to access the repository.
> * @throws javax.jcr.LoginException if authentication or authorization for
> the
> * specified workspace fails.
> * @throws javax.jcr.NoSuchWorkspaceException if the specified workspace is
> not recognized.
> * @throws javax.jcr.RepositoryException if another error occurs.
> */
> Session login(Credentials credentials, Map<String, Object> attributes);
> See also OAK-803 for some more background.
> [1] http://markmail.org/message/lwhpglehee3jgpip
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
