[jira] Reopened: (SLING-1445) store the AuthenticationInfo object in a request attribute

Felix Meschberger (JIRA) Fri, 06 Aug 2010 07:39:41 -0700

     [ 
https://issues.apache.org/jira/browse/SLING-1445?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Felix Meschberger reopened SLING-1445:
--------------------------------------


Thinking about this, I come to the conclusion that this is a bad idea, because 
it makes the password readily available for requests to read ....

What is the use case for having the AuthenticationInfo object as a request 
attribute ?

> store the AuthenticationInfo object in a request attribute
> ----------------------------------------------------------
>
>                 Key: SLING-1445
>                 URL: https://issues.apache.org/jira/browse/SLING-1445
>             Project: Sling
>          Issue Type: Improvement
>          Components: Commons
>            Reporter: Justin Edelson
>            Assignee: Justin Edelson
>             Fix For: Commons Auth 1.0.0
>
>
> called org.apache.sling.commons.auth.spi.AuthenticationInfo

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Reopened: (SLING-1445) store the AuthenticationInfo object in a request attribute

Reply via email to