Author: dklco
Date: Fri May 3 20:29:53 2013
New Revision: 1478959
URL: http://svn.apache.org/r1478959
Log:
Fixing some formatting issues with the authentication framwork page
Modified:
sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
Modified:
sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
URL:
http://svn.apache.org/viewvc/sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext?rev=1478959&r1=1478958&r2=1478959&view=diff
==============================================================================
---
sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
(original)
+++
sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
Fri May 3 20:29:53 2013
@@ -35,13 +35,14 @@ The implementation follows this algorith
Extracting the credentials and trying to login to the repository may yield the
following results:
| Credentials | Login | Consequence |
-| present | successfull | Continue with an authenticated request |
+|--|--|--|
+| present | successful | Continue with an authenticated request |
| present | failed | Select `AuthenticationHandler` and call
`requestCredentials` method |
| missing | anonymous allowed | Continue with a non authenticated request
using anonymous access to the repository |
| missing | anonymous forbidden | Select `AuthenticationHandler` and call
`requestCredentials` method |
<div class="note">
-Only one `AuthenticationHandler` is able to provide credentials for a given
request. If the credentials provided by the handler cannot be used to login to
the repository, authentication fails and no further `AuthenticationHandler` is
consulted.
+ Only one <code>AuthenticationHandler</code> is able to provide credentials
for a given request. If the credentials provided by the handler cannot be used
to login to the repository, authentication fails and no further
<code>AuthenticationHandler</code> is consulted.
</div>
@@ -57,7 +58,7 @@ The `handleSecurity` method gets credent
| `javax.jcr.Session` | The JCR Session. This attribute is for backwards
compatibility only. *Its use is deprecated and the attribute will be removed in
future versions*. |
| `org.apache.sling.commons.auth.spi.AuthenticationInfo` | The
`AuthenticationInfo` object produced from the `AuthenticationHandler`. |
-*NOTE*: Do *NOT* use the `javax.jcr.Session` request attribute in your Sling
applications. This attribute must be considered implementation specific to
convey the JCR Session to the `SlingMainServlet`. In future versions of the
Sling Commons Auth bundle, this request attribute will not be present anymore.
To get the JCR Session for the current request adapt the request's resource
resolver to a JCR Session:
+**NOTE**: Do *NOT* use the `javax.jcr.Session` request attribute in your Sling
applications. This attribute must be considered implementation specific to
convey the JCR Session to the `SlingMainServlet`. In future versions of the
Sling Commons Auth bundle, this request attribute will not be present anymore.
To get the JCR Session for the current request adapt the request's resource
resolver to a JCR Session:
Session session = request.getResourceResolver().adaptTo(Session.class);
@@ -75,7 +76,7 @@ The `SlingAuthenticator` provides high l
The URLs set on the *Authentication Requirements* configuration property or
the `sling.auth.requirements` service registration property can be absolute
paths or URLs like the `path` service registration property of
`AuthenticationHandler` services. This allows the limitation of this setup to
certain requests by scheme and/or virtual host address.
-*Examples*
+**Examples**
* The `LoginServlet` contained in the Commons Auth bundle registers itself
with the service registration property `sling.auth.requirements =
"-/system/sling/login"` to ensure the servlet can be accessed without requiring
authentication.
@@ -87,7 +88,7 @@ The URLs set on the *Authentication Requ
The implementation of the `Authenticator` interface is similar for both
methods:
-*`login`*
+**`login`**
1. Select one or more `AuthenticationHandler` for the request according to the
request URL's scheme and authorization part.
1. Call the `requestCredentials` method of each authentication handler, where
the order of handler call is defined by the length of the registered path:
handlers registered with longer paths are called before handlers with shorter
paths. The goal is to call the handlers in order from longest request path
match to shortest match. Handlers not matching the request path at all are not
called.
@@ -102,7 +103,8 @@ The `login` method has three possible ex
| `IllegalStateException` | The response has already been committed and the
login request cannot be processed. Normally to request login, the current
response must be reset and a new response has to be prepared. This is only
possible if the request has not yet been committed. |
-*`logout`*
+**`logout`**
+
1. Select one or more `AuthenticationHandler` for the request according to the
request URL's scheme and authorization part.
1. Call the `dropCredentials` method of each authentication handler, where the
order of handler call is defined by the length of the registered path: handlers
registered with longer paths are called before handlers with shorter paths. The
goal is to call the handlers in order from longest request path match to
shortest match. Handlers not matching the request path at all are not called.
