Hi, all! Some update on JASPIC state. Yesterday and today I was working on FORM authentication module implementation. I've ported old code to new module, got it to work, and then ported integration test to ensure, that my refactoring's will not broke something. Then I have split huge method into smaller ones in order to maintain code readability, and for better understanding of FORM authentication process. Also, I have finished BASIC authentication integration test, just to have a rest from FORM authentication. Currently I have a bunch of commits in my personal repository https://github.com/fjodorver/tomcat/tree/feature/form_auth, but I think a lot of them must be squashed. I'll provide these commits as patches in couple hours.
What about problems, I have one with Principal caching in session. There are possibility to enable/disable Principal's caching in old implementation. This feature can be handled using getter/setter setCache/getCache in AuthenicatorBase, and it's enabled by default. I am curious about this thing, how it can be controlled by user, and is it very important feature? I'm not sure about that, because this option is used only once - in DigestAuthenicatior. In all other places Principal caching is enabled. Could somebody provide additional information on this? If this option is important, it can be implemented by simply passing configuration settings using options HashMap directly from ContextConfig. If it's not, then it can make our life much easier. Other problem is that I am actively using tomcat's internal stuff in authentication modules. Arjan, could you confirm, is that acceptable? For example using catalina's Request instead of HttpServletRequest, catalina's context and so on. Thanks, Fjodor 2015-06-30 0:56 GMT+03:00 Mark Thomas <ma...@apache.org>: > On 29/06/2015 22:46, Fjodor Vershinin wrote: > > Hi, all! > > My update for previous week: > > 1) Some JASPIC architecture refactoring > > 2) Implemented both BASIC and DIGEST authentication modules > > 3) Added integration test for DIGEST module > > 4) Fixed some small bugs and issues > > 5) Updated javadocs > > > > What about current status, I started working on FORM authentication > module > > on Friday, however, I have faced some problems. > > FORM authentication mechanism looks harder than BASIC/DIGEST for me, at > > least when I looked at current implementation, so I had spent Friday and > > Monday digging FORM authentication specifications and FormAuthenticator > > class. I have some commits prepared but they are in very-very draft stage > > now, so I'd not pushed them yet. > > Also, I tried to start working on BASIC integration test, but FORM > > authentication looks like priority now. > > I agree with your assessment of the priority. > > I need to see progress on a daily basis - even if it isn't in a state > that you are happy with. You could put it in a different branch or if > you really don't want to make it public, e-mail me the diffs. > > I'm all for you working things out on your own but I need to see where > you are heading. If you are heading in completely the wrong direction it > will be better for you and the GSoC project if we catch that earlier > rather than later. > > Let me know if I can help at all with the FORM module. > > Mark > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > > -- Thanks, Fjodor
