Thanks for the feedback Jan, here is the JIRA: https://issues.apache.org/jira/browse/SYNCOPE-324
Colm. On Thu, Feb 21, 2013 at 12:46 PM, Jan Bernhardt <[email protected]>wrote: > Hi Colm, > > +1 for returning user instead of Boolean for authentication process. I > wasn't happy about the current handling anyway, since URL pattern did not > reflect a different response type. This way username and password can be > seen as "search queries" for a user with matching username and password. If > authentication is successful we should return 200 OK, if authentication > fails we should return 404 NOT FOUND. > > This way we could support both GET for returning matching user (including > roles) or HEAD if only Authentication result (TRUE : 200 or FALSE : 404) is > required. > > Applying these changes should be relatively easy. If no other syncope > users raise concerns about this, you can create a JIRA issue for this. > > And we should also take Sergeys comment into account and disable caching > for this authentication URL. > > Best regards. > Jan > > > -----Original Message----- > > From: Colm O hEigeartaigh [mailto:[email protected]] > > Sent: Mittwoch, 20. Februar 2013 17:06 > > To: Jan Bernhardt > > Cc: [email protected] > > Subject: Re: API query > > > > A second thought is that a API to return the User matching the given > > username + password would be quite nice, unless there is another way of > > doing this that I am missing. WDYT? > > > > Colm. > > > > On Wed, Feb 20, 2013 at 4:04 PM, Colm O hEigeartaigh > > <[email protected]>wrote: > > > > > > > > Thanks Jan, I have updated it. The "old" API method returns "null" if > > > the User does not exist, whereas the new API does not seem to return > > anything. > > > Would it not be better in both cases to return "false" explicitly? Or > > > are there backwards compatilbity concerns about changing this? > > > > > > Colm. > > > > > > > > > On Wed, Feb 20, 2013 at 4:00 PM, Jan Bernhardt > > <[email protected]>wrote: > > > > > >> Hi Colm, > > >> > > >> The description is wrong, this method returns a boolean. > > >> > > >> Best regards. > > >> Jan > > >> > > >> > -----Original Message----- > > >> > From: Colm O hEigeartaigh [mailto:[email protected]] > > >> > Sent: Mittwoch, 20. Februar 2013 16:48 > > >> > To: [email protected] > > >> > Subject: API query > > >> > > > >> > Hi all, > > >> > > > >> > From the wiki: > > >> > > > >> > > > https://cwiki.apache.org/confluence/display/SYNCOPE/REST+API+upgrad > > >> > e# > > >> > RESTAPIupgrade-UserService > > >> > > > >> > GET /user/verifyPassword/{username}?password={password} GET > > >> > /users?username={username}&pwd={password} Returns user if > > username > > >> > and password match with an existing account. > > >> > This method actually returns a boolean not the user, and so the > > >> description is > > >> > invalid. > > >> > > > >> > Could someone clarify whether the new API is intended to return a > > >> boolean > > >> > or the User? > > >> > > > >> > Colm. > > >> > > > >> > > > >> > -- > > >> > Colm O hEigeartaigh > > >> > > > >> > Talend Community Coder > > >> > http://coders.talend.com > > >> > > > > > > > > > > > > -- > > > Colm O hEigeartaigh > > > > > > Talend Community Coder > > > http://coders.talend.com > > > > > > > > > > > -- > > Colm O hEigeartaigh > > > > Talend Community Coder > > http://coders.talend.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
