I'm writing an authentication handler that should use ldap for user
information. My general steps are below. Please let me know where
I'm wrong or where things could be done better.
LdapAuthHandler -> AuthenticationHandler, LoginModulePlugin {
AuthenticationInfo authenticate(..) {
// if previous auth info is available in the request or session
(don't assume session is available), put memento in request and return
auth info.
// else if user/pass in the request, construct and return auth info
// else, return null
}
}
LdapLoginServlet -> SlingAllMethodsServlet {
void doPost(..) {
// if auth info from auth info from auth handler is available in
request, use it to look up user in ldap. if lookup is successful,
store info in session, redirect to lading page.
// else, send error (403)
}
}
