Hi.
My app has now grow to contain different paths with different
authentications scheme and context, like:
/api
/console
/oauth
Then, there is the host:
<bean id="virtualHost" class="org.restlet.ext.spring.SpringHost">
<constructor-arg value="" />
<property name="attachments">
<map>
<entry key="/api">
<ref bean="apiApplication" />
</entry>
<entry key="/oauth">
<ref bean="oauthApplication" />
</entry>
<entry key="/console">
<ref bean="consoleApplication" />
</entry>
</map>
</property>
</bean>
This happened mainly because I needed to add an Http Basic authn to the API
and a Cookie authenticator on the console, while the "oauth" context
requires no authentication and the only way I found to add an authenticator
and keeping the SpringBeanRouter has been the one I wrote here
http://restlet-discuss.1400322.n2.nabble.com/How-to-signup-a-ChallengeAuthenticator-when-using-SpringBeanRouter-td5588475.html
Finally, each application has a SpringBeanRouter as inboundRouter so I can
externalize everything to a spring bean file.
So I need a different application for each "route" with a different
authentication system
That was fine but now I see some limitations:
1. /console serve some static html pages and has a cookie authentication. If
there is no cookie for the client, I redirect it to /signin that is free
from any authn. For that, I had to create a new app mounted in the host as
/signin. This is not nice
2. as alternative, I can mount it in the oauth application, that would
become the "authn free application", that keeps together resources of
different kind: signin is a HTML page, oauth is an api callback page for
oauth authentication with third party services. Probably I will split the
api and the html console in different modules in future so this makes no
sense.
Now, clearly I'm making something wrong in designing this.
Also, other issue:
3. the /console html application serve some static content like css and js.
So the application has this resources:
<bean name="/pages/{page}" class="console.HtmlResource" id="html"
scope="prototype" />
<bean name="/static/{type}/{name}" class="console.StaticResource"
id="static" scope="prototype" />
I do not like this. I do not want /pages in my URL for html pages, but I
have no choice then adding another application. Again, smell.
I think I need to add some different level to route the different part of
the resources. I'd rather have:
. one application for all those context
. a sort of first level sub-route that defines the main restlet for /api,
/console, /static and such with different authentication methods (maybe
defined via spring)
. then the SpringBeanRouter way to define the actual resources, like now,
but not mounted as the application inboundRoot.
Is there a way to achieve this?
Thanks.
--
Daniele Dellafiore
http://danieledellafiore.net
------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2730174
