Github user anyway1021 commented on the issue:
    Would like to merge but because some new classes are added to support 
switching authentication without modifying code, I think it may be better to 
ask you to review again.
    The reason of doing this is:
    1. dropwizard 0.7.1 only supports @Auth annotation to mark authentication 
on additional User argument of REST resource methods, means if we'd like a REST 
path be authenticated, we should add a parameter to the method, such as "public 
List list(@Auth User user)". In this way, any REST resource we don't want to 
authenticate could only be freed by removing the parameter.
    2. Currently, while registering the Authenticators, by default API, we 
would register a BasicAuthProvider that doesn't support switching 
authentication on or off. People may think, we could skip registering it when 
we want to switch off the authentication, however, this approach would cause 
4xx http error for unable to map the coded "@Auth" parameters correctly.
    3. Based on the above 2, I  create a SwitchableBasicAuthProvider to involve 
switching configuration, and by registering this provider on starting the 
server, people could configure a param "enabled=true|false" in 
configuration.yml, to enable|disable authentication, without having to change 
code, re-compile, or re-deploy.
    Besides, to make other projects able to depend on class User, I moved it 
from eagle-server to eagle-common under package: 
org.apache.eagle.common.authentication, please consider if it's appropriate, 
    Hopefully it's not a redundant modification. 

If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at or file a JIRA ticket
with INFRA.

Reply via email to