Github user anyway1021 commented on the issue:
Would like to merge but because some new classes are added to support
switching authentication without modifying code, I think it may be better to
ask you to review again.
The reason of doing this is:
1. dropwizard 0.7.1 only supports @Auth annotation to mark authentication
on additional User argument of REST resource methods, means if we'd like a REST
path be authenticated, we should add a parameter to the method, such as "public
List list(@Auth User user)". In this way, any REST resource we don't want to
authenticate could only be freed by removing the parameter.
2. Currently, while registering the Authenticators, by default API, we
would register a BasicAuthProvider that doesn't support switching
authentication on or off. People may think, we could skip registering it when
we want to switch off the authentication, however, this approach would cause
4xx http error for unable to map the coded "@Auth" parameters correctly.
3. Based on the above 2, I create a SwitchableBasicAuthProvider to involve
switching configuration, and by registering this provider on starting the
server, people could configure a param "enabled=true|false" in
configuration.yml, to enable|disable authentication, without having to change
code, re-compile, or re-deploy.
Besides, to make other projects able to depend on class User, I moved it
from eagle-server to eagle-common under package:
org.apache.eagle.common.authentication, please consider if it's appropriate,
Hopefully it's not a redundant modification.
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket