The case is what we discussed in [1]. There we came to the
conclusion
to use a RequestEventListener. Otherwise we have to add a lifecycle
method like close or similar to the resource resolver or even to the
CredentialValidator where it definitly makes no sense.
So what's about using
Hi
first of all: hello to all subscribers from my side :-)
interface CredentialValidator
+1
One issue remains: disposal of the Session placed into the
AuthenticationInfo object by the validate method. But this can be
solved, I am sure ...
isn't this session just a session and hence
On 3/16/10 4:17 PM, Mike Müller wrote:
The case is what we discussed in [1]. There we came to the conclusion
to use a RequestEventListener. Otherwise we have to add a lifecycle
method like close or similar to the resource resolver or even to the
CredentialValidator where it definitly makes no
Felix Meschberger wrote
My biggest concern with this was (and still is) loss of performance if
logging two login's would be required for each request. We can fix
this issue, if we defined an API to act as an intermediary, e.g.
something like:
public interface CredentialValidator {
