[jira] Created: (TAPESTRY-936) Provide basic authentication mecanisms

Fri, 05 May 2006 08:19:07 -0700 

Provide basic authentication mecanisms
--------------------------------------

         Key: TAPESTRY-936
         URL: http://issues.apache.org/jira/browse/TAPESTRY-936
     Project: Tapestry
        Type: Improvement

  Components: Framework  
    Versions: 4.1    
    Reporter: Henri Dupre


Several implementation details (creation of ICallbacks and page redirection) 
make adding authentication to a tapestry application not  a trivial task. Page 
redirection can only be done in page validate thus making impossible to capture 
the state of a page (for instance, properties + parameters of an 
activateExternalPage). 
After looking at the code, this has implications in the core of the engine 
itself and making these changes might not be trivial. But instead of adding 
features for generating ICallbacks and page redirection, why not directly wire 
an authentication API inside the framework?

Here is a suggestion:
- provide a blank AuthenticatedPage interface or configuration that allows 
pages to say that they require authentication
- provide a hivemind configuration point to plug an authentication service: 
this service has methods to figure out if a user is authenticated or not and 
also provides a page name that is called when a user is not authenticated
- the authentication pages have to implement a specific interface or another 
mecanism that tell that the authentication process is finished (the process 
might consist of several pages, e.g. new account creation)
- the engine takes care of the rest: before calling the authentication page, a 
basic state is captured after the page is setup (all declared properties are 
saved), and once the authentication process is finished, all that state is 
restored and the page is called



-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to