Hi Christian,
2014-10-09 13:18 GMT+02:00 Christian Mueller <
[email protected]>:
> Hi Mauro
>
> If I got it right, you want a filter to act as an end point for a pass
> through authentication. If this is the case, please create a new filter
> class or class hierarchy, your filter should be named
> "GeoServerPassThroughAuthEndPointFilter" or similar.
>
>
Uhm... I am not sure we need another hierarchy. I agree that this filter is
not preauthenticated, so probably it deserves a distinct implementation.
Basically what it does is very similar to what BasicAuthentication or other
filters do: fetch credentials in "some way" and then let the authentication
manager do the authentication (this is what I meant when I said " uses the
authentication providers chain to do the authentication").
My only concern is that some functionality could be useful also in the
existing RequestHeader filter (for example the possibility to extract the
username using a regular expression). Maybe we can put some common
functionality in utility classes and use it from both filters, or just
duplicate the code and don't bother too much :).
> I am against a new community module, I would vote for adding this filter
> in the core code.
>
Agree, then we need a name to distinguish this filter from the existing
"HTTP Header", something like "Credentials from HTTP Headers". Ideas are
welcome.
Cheers,
Mauro
--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.
==
Dott. Mauro Bartolomeoli
@mauro_bart
Senior Software Engineer
GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
-------------------------------------------------------
*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*
Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.
The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
