[
https://issues.apache.org/jira/browse/SLING-5792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15413232#comment-15413232
]
Carsten Ziegeler commented on SLING-5792:
-----------------------------------------
[~anchela] Thanks for your patch, Angela.
I haven't looked in detail into the implementation, but some comments for the
API / impl:
What should happen if the client bundle is stopped and does not explicitely
remove the auth requirements, should they be removed nevertheless?
The new interface uses a ServiceReference as the key argument for the methods.
I think we should not use OSGi objects as keys. I'm not sure about the best way
to solve this. Simplest solution would be a String and the client can make up
such a key. The implementation could internally use a ServiceFactory which
means that it knows the bundle of the client calling the method and therefore
it can internally use the provided string key and the bundle id to make a
unique key (avoid clashes across bundles using the same key). Or maybe no key
argument at all, and each bundle is regarded as a single client. Especially
ServiceReference is not a good key as it changes when the bundle containing the
service is restarted.
> API to manage Authentication Requirement
> ----------------------------------------
>
> Key: SLING-5792
> URL: https://issues.apache.org/jira/browse/SLING-5792
> Project: Sling
> Issue Type: Sub-task
> Components: Authentication
> Reporter: angela
>
> Apart from the constant {{AuthConstants.AUTH_REQUIREMENTS}} there is no
> public API available that allowed applications to change the list of
> authentication requirement entries.
> Instead, applications need to know and rely on implementation details, which
> not only includes registering services with the
> {{AuthConstants.AUTH_REQUIREMENTS}} property included but also know about the
> required format of the property, which from my point of view should be and
> remain an implementation detail of
> {{org.apache.sling.auth.core.impl.SlingAuthenticator}}, which IMO should not
> be considered public API.
> To me it would feel more natural if there existed a
> {{AuthenticationRequirement}} interface defining methods to
> extend/update/clear the auth-requirements bound to a particular service
> reference and having {{org.apache.sling.auth.core.impl.SlingAuthenticator}}
> implementing that interface.
> Doing so, might also be beneficial from a performance/scalability POV but I
> would like to cover that in a separate sub-task.
> Proposal for this sub-tasks will follow as I am moving forward.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
