https://wso2.org/jira/browse/CARBON-12378

Thanks,
Sameera.

On Tue, Feb 14, 2012 at 9:50 PM, Amila Jayasekara <[email protected]> wrote:

> On Tue, Feb 14, 2012 at 9:32 PM, Sameera Jayasoma <[email protected]> wrote:
> > Hi Amila,
> >
> > +1 for the proposed changes. Please see my comments below.
> >
> > On Tue, Feb 14, 2012 at 3:22 PM, Amila Jayasekara <[email protected]> wrote:
> >>
> >> Hi All,
> >>
> >> We had a review discussion on Carbon Authenticators and the following
> >> are the review notes.
> >>
> >> 1. There is some common logic that should be implemented in every
> >> authenticator. Currently, invoking this logic is duplicated among
> >> authenticators. So to avoid that we are planning to come up with an
> >> abstract Authenticator implementation.
> >> 2. As of now, AuthenticationHandler first invokes AuthenticationAdmin
> >> and then it calls the chain of authenticators. The AuthenticationAdmin
> >> call is not necessary. We need to refactor the code in such a way that
> >> the authenticator itself will only handle authenticating logic (rather
> >> than within the Handler).
> >> 3. Properly implement the authenticator chaining pattern. Make use of
> >> the “isHandle”, “priority”, “isAuthenticated” methods and make only
> >> the authenticator aware of the logic.
> >> 4. After cleaning up the API, implement a “Basic Auth” authenticator.
> >> (As a first step)
> >
> >
> > 5. Clean up the Carbon.UI framework to improve the pluggability of custom
> > authenticators. I recently wrote an authenticator, but I had to hard-code
> > some URLs in the CarbonSecurityHttpContext class. Please have a look at
> > the following method in this class.
> >
> > private boolean skipSSOSessionInvalidation(String requestedURI) {
> >     boolean skipSessionInvalidation = false;
> >     if ((requestedURI.indexOf("/samlsso") > -1)
> >             || (requestedURI.indexOf("sso-saml/login.jsp") > -1)
> >             || (requestedURI.indexOf("stratos-sso/login_ajaxprocessor.jsp") > -1)
> >             || (requestedURI.indexOf("sso-saml/redirect_ajaxprocessor.jsp") > -1)
> >             || (requestedURI.indexOf("stratos-sso/redirect_ajaxprocessor.jsp") > -1)
> >             || (requestedURI.indexOf("sso-acs/redirect_ajaxprocessor.jsp") > -1)
> >             || (requestedURI.indexOf("stratos-auth/redirect_ajaxprocessor.jsp") > -1)) {
> >         skipSessionInvalidation = true;
> >     }
> >     return skipSessionInvalidation;
> > }
> >
> > As a part of this effort, let's refactor this bit of code as well.
>
> +1. Will take the above into consideration as well. If possible please
> create a Carbon Jira and assign it to me.
>
> Thanks
> AmilaJ
>
> >
> > Thanks,
> > Sameera.
> >
> >>
> >> Thanks
> >> AmilaJ
> >>
> >> --
> >> Mobile : +94773330538
> >>
> >> _______________________________________________
> >> Carbon-dev mailing list
> >> [email protected]
> >> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
> >
> >
> >
> >
> > --
> > Sameera Jayasoma
> > Technical Lead and Product Manager, WSO2 Carbon
> >
> > WSO2, Inc. (http://wso2.com)
> > email: [email protected]
> > blog: http://tech.jayasoma.org
> >
> >
> > Lean . Enterprise . Middleware
> >
> >
>
>
>
> --
> Mobile : +94773330538
>



-- 
Sameera Jayasoma
Technical Lead and Product Manager, WSO2 Carbon

WSO2, Inc. (http://wso2.com)
email: [email protected]
blog: http://tech.jayasoma.org

Lean . Enterprise . Middleware
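
Added example, not part of the original thread and not WSO2 Carbon code: a sketch of review notes 3 and 5, where the handler only walks a priority-ordered chain and each authenticator declares its own SSO paths, compared exactly instead of with the substring test in skipSSOSessionInvalidation. The method names isHandle, priority and isAuthenticated come from the notes; their signatures, ssoPaths(), the highest-priority-first ordering, the map standing in for a request and the credential values are assumptions.

```java
import java.util.*;

public class AuthenticatorChainSketch {
    // Hypothetical contract: names from the review notes, signatures assumed.
    interface Authenticator {
        int priority();
        boolean isHandle(Map<String, String> req);        // can this authenticator process the request?
        boolean isAuthenticated(Map<String, String> req); // the authentication decision itself
        Set<String> ssoPaths();                           // assumed addition for note 5
    }
    // Basic Auth stand-in; the expected header is a constructed sample value.
    static class BasicAuth implements Authenticator {
        public int priority() { return 5; }
        public boolean isHandle(Map<String, String> r) { return r.getOrDefault("Authorization", "").startsWith("Basic "); }
        public boolean isAuthenticated(Map<String, String> r) { return "Basic Y29uc3RydWN0ZWQ6c2FtcGxl".equals(r.get("Authorization")); }
        public Set<String> ssoPaths() { return Collections.emptySet(); }
    }
    // SSO stand-in that registers its own path; the assertion check is a constructed placeholder.
    static class SamlSso implements Authenticator {
        public int priority() { return 10; }
        public boolean isHandle(Map<String, String> r) { return r.containsKey("SAMLResponse"); }
        public boolean isAuthenticated(Map<String, String> r) { return "constructed-assertion".equals(r.get("SAMLResponse")); }
        public Set<String> ssoPaths() { return Collections.singleton("/samlsso"); }
    }

    private final List<Authenticator> chain;

    AuthenticatorChainSketch(List<Authenticator> found) {
        chain = new ArrayList<>(found);
        chain.sort((a, b) -> Integer.compare(b.priority(), a.priority())); // assumed: highest priority first
    }
    // The handler holds no authentication logic: the first authenticator that claims the request decides.
    boolean authenticate(Map<String, String> req) {
        for (Authenticator a : chain) if (a.isHandle(req)) return a.isAuthenticated(req);
        return false; // fail closed when no authenticator claims the request
    }
    // Exact match on the request path (query string excluded), collected from the chain.
    boolean skipSsoSessionInvalidation(String path) {
        for (Authenticator a : chain) if (a.ssoPaths().contains(path)) return true;
        return false;
    }

    public static void main(String[] args) {
        AuthenticatorChainSketch c = new AuthenticatorChainSketch(Arrays.asList(new BasicAuth(), new SamlSso()));
        Map<String, String> req = new HashMap<>();
        req.put("Authorization", "Basic Y29uc3RydWN0ZWQ6c2FtcGxl");
        System.out.println("basic auth accepted: " + c.authenticate(req));
        System.out.println("unclaimed request accepted: " + c.authenticate(new HashMap<>()));
        System.out.println("skip for /samlsso: " + c.skipSsoSessionInvalidation("/samlsso"));
        System.out.println("skip for /carbon/x.jsp: " + c.skipSsoSessionInvalidation("/carbon/x.jsp"));
    }
}
```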
