Hi all, I am currently working on https://issues.apache.org/jira/browse/CXF-3123 (Support Spnego/Kerberos authentication for http transport). My first attempt was to use implement an AuthSupplier for this case. I thought AuthSupplier acts as a kind of strategy to implement auth support.
When I digged into the code I found that this is not really true. AuthSupplier seems to be used only in some cases and much other decisions are done in setHeadersByAuthorizationPolicy, setBasicAuthHeader, setProxyBasicAuthHeader, authorizationRetransmit. So it would be not so easy to add another authentication mechanism. To clean this up I propose to refactor to a strategy based implementation with 3 currently strategies: - BasicAuthStrategy - DigestAuthStrategy - SpnegoAuthStrategy The conduit should do no detailed authentication handling at all. Instead it should delegate to the strategy to be used and let it do what is needed. Another problem is then of course how to choose the strategy to be used. We could do it upfront and then only give the conduit one strategy or we could do it later and give the conduit a strategy that decides for each case which real stratgy to use. Any ideas / opinions about this are very much welcome. Best regards Christian Christian Schneider Informationsverarbeitung Business Solutions Handel und Dispatching Tel : +49-(0)721-63-15482 EnBW Systeme Infrastruktur Support GmbH Sitz der Gesellschaft: Karlsruhe Handelsregister: Amtsgericht Mannheim ‑ HRB 108550 Vorsitzender des Aufsichtsrats: Dr. Bernhard Beck Geschäftsführer: Jochen Adenau, Hans-Günther Meier
