DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10794>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10794 User interaction for authentication ------- Additional Comments From [EMAIL PROTECTED] 2004-01-29 15:42 ------- Oleg, Odi, Roland, et al., Here are a few quick thoughts.. In regard to the credentials, I think they should remain in the HttpState. In some sense it is acting as a cache for known credentials. I agree with Oleg and I think we should move towards a single set of credentials based upon host, port, and perhaps scheme. I see no need to keep host/proxy credentials separate. As far as the location for the CredentialsProvider/CredentialsCallback I prefer the params. While I see the logic of keeping it with the credentials in the HttpState, I still think the credentials are really just held there as a cache. In general I imagine someone would just want to set the credentials provider globally, either to one that prompts the user, or one (the default) that does nothing. Once credentials have been provided and successfully used they can be added to the HttpState and reused later. The params also provide more flexibility in that they can be configured globally, and where needed they can also be used on a more fine grained level. What do you think? Mike --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
