[
https://issues.apache.org/jira/browse/SLING-5448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alexander Klimetschek updated SLING-5448:
-
Description:
Currently, the [AuthenticationInfoPostProcessor javadoc
says|https://github.com/apache/sling/blob/4bc090c5f8cb8ec8d6b1674176978e9a5feff503/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AuthenticationInfoPostProcessor.java#L25-L29]:
{quote}
Service interface which allows bundles to modify the AuthenticationInfo object
after authentication has been performed.
{quote}
But that's pretty misleading, as "after authentication" actually means "one
AuthenticationHandler has returned an AuthenticationInfo" object, but does not
include the resource provider creations (e.g. JCR repository login), which are
often understood as part of authentication too.
I suggest this instead:
{quote}
Service interface which allows bundles to modify the AuthenticationInfo object
right after one authentication handler has returned it from
extractCredentials() or for an anonymous AuthenticationInfo. It is called
before the resource resolver is created and any authentication in the resource
providers (such as JCR repository login) happens.
As such it is useful to intercept responses from other AuthenticationHandlers
and access or modify the AuthenticationInfo before they are actually used to
create the resource resolver.
{quote}
was:
Currently, the [AuthenticationInfoPostProcessor javadoc
says|https://github.com/apache/sling/blob/4bc090c5f8cb8ec8d6b1674176978e9a5feff503/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AuthenticationInfoPostProcessor.java#L25-L29]:
{quote}
Service interface which allows bundles to modify the AuthenticationInfo object
after authentication has been performed.
{quote}
But that's pretty misleading, as "after authentication" actually means "one
AuthenticationHandler has returned an AuthenticationInfo" object, but does not
include the resource provider creations (e.g. JCR repository login).
I suggest this instead:
{quote}
Service interface which allows bundles to modify the AuthenticationInfo object
right after one authentication handler has returned it from
extractCredentials() or for an anonymous AuthenticationInfo. It is called
before the resource resolver is created and any authentication in the resource
providers (such as JCR repository login) happens.
As such it is useful to intercept responses from other AuthenticationHandlers
and access or modify the AuthenticationInfo before they are actually used to
create the resource resolver.
{quote}
> AuthenticationInfoPostProcessor javadoc misleading
> --
>
> Key: SLING-5448
> URL: https://issues.apache.org/jira/browse/SLING-5448
> Project: Sling
> Issue Type: Bug
> Components: Authentication
>Affects Versions: Auth Core 1.3.12
>Reporter: Alexander Klimetschek
>
> Currently, the [AuthenticationInfoPostProcessor javadoc
> says|https://github.com/apache/sling/blob/4bc090c5f8cb8ec8d6b1674176978e9a5feff503/bundles/auth/core/src/main/java/org/apache/sling/auth/core/spi/AuthenticationInfoPostProcessor.java#L25-L29]:
> {quote}
> Service interface which allows bundles to modify the AuthenticationInfo
> object after authentication has been performed.
> {quote}
> But that's pretty misleading, as "after authentication" actually means "one
> AuthenticationHandler has returned an AuthenticationInfo" object, but does
> not include the resource provider creations (e.g. JCR repository login),
> which are often understood as part of authentication too.
> I suggest this instead:
> {quote}
> Service interface which allows bundles to modify the AuthenticationInfo
> object right after one authentication handler has returned it from
> extractCredentials() or for an anonymous AuthenticationInfo. It is called
> before the resource resolver is created and any authentication in the
> resource providers (such as JCR repository login) happens.
> As such it is useful to intercept responses from other AuthenticationHandlers
> and access or modify the AuthenticationInfo before they are actually used to
> create the resource resolver.
> {quote}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
