[jira] Commented: (SLING-966) Make internal sling authentication publicly available

2010-01-06 Thread Felix Meschberger (JIRA)

[ 
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12797059#action_12797059
 ] 

Felix Meschberger commented on SLING-966:
-

Updated the bundle list in the Launchpad Builder module in Rev. 896376

> Make internal sling authentication publicly available
> -
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Commons
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Commons Auth 1.0.0
>
> Attachments: SLING-966.patch, SLING-966b.patch, SLING-966c.patch
>
>
> Currently the SlingAuthenticator is an internal class in the Engine bundle, 
> which is used by the SlingMainServlet to handle the authentication as part of 
> an OSGi HTTP Service specification HttpContext object.
> To use the Sling authentication framework with the Authenticator and the 
> AuthenticationHandlers outside of the SlingMainServlet, that is for other 
> servlets directly registered with the OSGi HttpService the authentication 
> functionality should be made publicly available.
> One approach would be to provide a new authenticate() method in the 
> Authenticator interface. Another option would be to provide an abstract 
> HttpContext which already implements the HttpContext.handleSecurity method 
> using the SlingAuthenticator instance.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.



[jira] Commented: (SLING-966) Make internal sling authentication publicly available

2010-01-06 Thread Felix Meschberger (JIRA)

[ 
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12797041#action_12797041
 ] 

Felix Meschberger commented on SLING-966:
-

Another modification to the AuthenticationInfo constructors in Rev. 896361: If 
we have constructors taking credentials, this creates a transitive compile time 
dependency to the JCR API regardless of whether the respective constructors 
would ever be used. Adding a setter method and removing the constructors fixes 
this issue.

> Make internal sling authentication publicly available
> -
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Commons
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Commons Auth 1.0.0
>
> Attachments: SLING-966.patch, SLING-966b.patch, SLING-966c.patch



[jira] Commented: (SLING-966) Make internal sling authentication publicly available

2010-01-06 Thread Felix Meschberger (JIRA)

[ 
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12797033#action_12797033
 ] 

Felix Meschberger commented on SLING-966:
-

Removed old authentication code from the engine bundle in Rev. 896351 and 
deployed a Sling Engine SNAPSHOT 2.0.7-20100106.084348-54

> Make internal sling authentication publicly available
> -
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Commons
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Commons Auth 1.0.0
>
> Attachments: SLING-966.patch, SLING-966b.patch, SLING-966c.patch



[jira] Commented: (SLING-966) Make internal sling authentication publicly available

2010-01-06 Thread Felix Meschberger (JIRA)

[ 
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12797030#action_12797030
 ] 

Felix Meschberger commented on SLING-966:
-

Deployed SNAPSHOT version 0.9.0-20100106.083211-1 of the Commons Auth bundle.

> Make internal sling authentication publicly available
> -
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Commons
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Commons Auth 1.0.0
>
> Attachments: SLING-966.patch, SLING-966b.patch, SLING-966c.patch



[jira] Commented: (SLING-966) Make internal sling authentication publicly available

2010-01-06 Thread Felix Meschberger (JIRA)

[ 
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12797022#action_12797022
 ] 

Felix Meschberger commented on SLING-966:
-

I have committed a first shot at the new standalone authentication bundle in 
Rev. 896345 at http://svn.apache.org/repos/asf/sling/trunk/bundles/commons/auth

This commit slightly deviates from the original patches:

(1) The client implementable API is placed in a different package to simplify 
API evolution and to decouple versioning issues for API implemented by the 
bundle itself and API intended to be implemented by client bundles.

(2) I added functionality to better control whether a request must be 
authenticated or not. Until now, a single configuration setting was available 
to declare whether requests have to be authenticated or not: the "Allow 
Anonymous Access" configuration property. Now a list of paths may be 
configured. Each entry defines a subtree and declares whether requests in that 
subtree must be authenticated or not.

This change of course requires an update in the documentation at 
http://sling.apache.org/site/authentication.html

> Make internal sling authentication publicly available
> -
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Commons
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Commons Auth 1.0.0
>
> Attachments: SLING-966.patch, SLING-966b.patch, SLING-966c.patch

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
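
The per-subtree authentication requirement described in point (2) of the comment above, sketched as an added example that is not part of the thread or of the Sling code base. The class name `AuthRequirements`, the `+/path` / `-/path` entry syntax, longest-prefix precedence, segment-boundary matching and the fail-closed default are all assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.Comparator;
import java.util.List;

// Hypothetical illustration of a path-based requirement list; not the Commons Auth code.
public class AuthRequirements {

    // One configured entry: a subtree root and whether requests below it must authenticate.
    record Entry(String path, boolean authRequired) {}

    private final List<Entry> entries = new ArrayList<>();
    private final boolean defaultRequired;

    AuthRequirements(boolean defaultRequired) {
        this.defaultRequired = defaultRequired;
    }

    // Assumed syntax: "+/path" requires authentication, "-/path" allows anonymous access.
    void add(String spec) {
        if (spec.length() < 2 || "+-".indexOf(spec.charAt(0)) < 0 || spec.charAt(1) != '/') {
            throw new IllegalArgumentException("bad entry: " + spec);
        }
        String path = spec.substring(1);
        if (path.length() > 1 && path.endsWith("/")) {
            path = path.substring(0, path.length() - 1);
        }
        entries.add(new Entry(path, spec.charAt(0) == '+'));
        // Longest path first, so the most specific subtree decides.
        entries.sort(Comparator.comparingInt((Entry e) -> e.path().length()).reversed());
    }

    boolean isAuthRequired(String requestPath) {
        for (Entry e : entries) {
            if (covers(e.path(), requestPath)) {
                return e.authRequired();
            }
        }
        return defaultRequired; // no entry matched
    }

    // Match on segment boundaries: "/public" covers "/public/a" but not "/publicity".
    private static boolean covers(String root, String path) {
        return root.equals("/") ? path.startsWith("/")
                                : path.equals(root) || path.startsWith(root + "/");
    }

    public static void main(String[] args) {
        AuthRequirements req = new AuthRequirements(true); // fail closed by default
        req.add("-/public");        // constructed sample entries
        req.add("+/public/admin");
        for (String p : new String[] {"/public/index.html", "/public/admin/users", "/publicity", "/content"}) {
            System.out.println(p + " -> " + (req.isAuthRequired(p) ? "login required" : "anonymous allowed"));
        }
    }
}
```

The request path has to be normalized (no `..` segments or encoded separators) before the lookup; otherwise the subtree comparison is made against a path that differs from the one the servlet finally serves.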



[jira] Commented: (SLING-966) Make internal sling authentication publicly available

2010-01-05 Thread Felix Meschberger (JIRA)

[ 
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796684#action_12796684
 ] 

Felix Meschberger commented on SLING-966:
-

Re AuthenticationHandler2: Another good hint, yes.

I have removed that interface because it is superseded by this refactoring and 
was never included in an actual release of the Sling Engine bundle.

> Make internal sling authentication publicly available
> -
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Commons
> Reporter: Felix Meschberger
> Fix For: Commons Auth 1.0.0
>
> Attachments: SLING-966.patch, SLING-966b.patch, SLING-966c.patch



[jira] Commented: (SLING-966) Make internal sling authentication publicly available

2010-01-05 Thread JIRA

[ 
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796679#action_12796679
 ] 

Mike Müller commented on SLING-966:
---

Maybe decoupling is not a bad idea, especially if there's a good chance that we 
extend the new interface in the future and have to support the legacy auth 
stuff for a longer time.
+1 for completely decoupling the old from the new API

In your patch you have deleted the old AuthenticationHandler2. Actually it is 
not that old and was implemented in Rev. 825501 (see SLING-1155). Maybe we 
should close SLING-1155 as Duplicate or Won't fix.

WDYT?

> Make internal sling authentication publicly available
> -
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Reporter: Felix Meschberger
> Attachments: SLING-966.patch, SLING-966b.patch



[jira] Commented: (SLING-966) Make internal sling authentication publicly available

2010-01-05 Thread Felix Meschberger (JIRA)

[ 
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796656#action_12796656
 ] 

Felix Meschberger commented on SLING-966:
-

Thanks for the feedback.

Re: DOING_AUTH: You are of course right.

I am even thinking of copying the old API from the Engine bundle unmodified and 
copy/extend the new API. Thus completely decoupling the old from the new API.

Re Adapt existing implementations: Absolutely agreed.

> Make internal sling authentication publicly available
> -
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Reporter: Felix Meschberger
> Attachments: SLING-966.patch, SLING-966b.patch



[jira] Commented: (SLING-966) Make internal sling authentication publicly available

2010-01-05 Thread JIRA

[ 
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796639#action_12796639
 ] 

Mike Müller commented on SLING-966:
---

I checked the patch. There are some minor problems:
To be backwards compatible we should define the DOING_AUTH property on the 
"old" AuthenticationInfo as well and to be able to do that we need also a 
constructor without parameters here.
I will attach a new patch which includes these changes.

To commit it we maybe should implement the new interface on 
AuthorizationHeaderAuthenticationHandler and OpenIDAuthenticationHandler to get 
rid of the deprecations.

> Make internal sling authentication publicly available
> -
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Reporter: Felix Meschberger
> Attachments: SLING-966.patch