On 23/06/2017 11:17, Colm O hEigeartaigh wrote:
On Fri, Jun 23, 2017 at 9:36 AM, Francesco Chicchiriccò <ilgro...@apache.org>
wrote:
+1 for the "Bearer" Authorization header proposal, more standards are
welcome :-)
Since we introduced JWT in 2.0.3, I am not sure whether it makes sense to
keep supporting the X-Syncope-Token header for further 2.0 releases or
not...
Well I guess it would break any REST clients that were written to use
X-Syncope-Token for 2.0.3. It should be fairly straightforward just to
check the two headers right?
It will break such clients for sure but we can include specific
instructions in the release notes.
My point is that such header is something introduced in 2.0.3, e.g. the
last stable release before 2.0.4: I am not sure we need to preserve
backward compatibility for that...
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
