Github user anyway1021 commented on the issue: https://github.com/apache/incubator-eagle/pull/468 @haoch @all Would like to merge but because some new classes are added to support switching authentication without modifying code, I think it may be better to ask you to review again. The reason of doing this is: 1. dropwizard 0.7.1 only supports @Auth annotation to mark authentication on additional User argument of REST resource methods, means if we'd like a REST path be authenticated, we should add a parameter to the method, such as "public List list(@Auth User user)". In this way, any REST resource we don't want to authenticate could only be freed by removing the parameter. 2. Currently, while registering the Authenticators, by default API, we would register a BasicAuthProvider that doesn't support switching authentication on or off. People may think, we could skip registering it when we want to switch off the authentication, however, this approach would cause 4xx http error for unable to map the coded "@Auth" parameters correctly. 3. Based on the above 2, I create a SwitchableBasicAuthProvider to involve switching configuration, and by registering this provider on starting the server, people could configure a param "enabled=true|false" in configuration.yml, to enable|disable authentication, without having to change code, re-compile, or re-deploy. Besides, to make other projects able to depend on class User, I moved it from eagle-server to eagle-common under package: org.apache.eagle.common.authentication, please consider if it's appropriate, thanks. Hopefully it's not a redundant modification. Michael
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---