[
https://issues.apache.org/jira/browse/JCR-3634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13723620#comment-13723620
]
Jukka Zitting commented on JCR-3634:
------------------------------------
I'd rather keep the explicit workspace argument, with null for the default
workspace like in the existing login() methods.
Also, I'd avoid overloading the credentials attributes for this. If an
attributes map is passed to the proposed method, they are taken to apply to the
session being created, not to the credentials being passed. The approach of
using credential attributes to pass session parameters is IMHO not semantically
correct. Something like the mentioned auto-refresh mode has nothing to do with
access credentials. And the proposed definition leaves something like login(new
GuestCredentials(), Collections.singletonMap("AutoRefresh", true)) undefined,
as GuestCredentials does not support attributes.
Instead I'd define the method as follows:
/**
* Equivalent to {@code login(credentials, workspaceName)} except that the
returned
* Session instance contains the given extra session attributes in addition
to any
* included in the given Credentials instance.
* <p>
* The attributes are implementation-specific and may affect the behavior
of the returned
* session. Unlike credentials attributes, these separately passed session
attributes
* are guaranteed not to affect the authentication of the client.
* <p>
* An implementation that does not support a particular session attribute
is expected
* to ignore it and not make it available through the returned session. A
client that
* depends on specific behavior defined by a particular attribute can check
whether
* the returned session contains that attribute to verify whether the
underlying
* repository implementation supports that feature.
*
* @param credentials the credentials of the user
* @param workspaceName the name of a workspace
* @param attributes implementation-specific session attributes
* @return a valid session for the user to access the repository
* @throws LoginException if authentication or authorization for the
specified workspace fails
* @throws NoSuchWorkspaceException if the specified workspace is not
recognized
* @throws RepositoryException if another error occurs
*/
Session login(Credentials credentials, String workspaceName, Map<String,
Object> attributes)
throws LoginException, NoSuchWorkspaceException, RepositoryException;
Note the last paragraph of the definition, which allows the following naive
default implementation:
public Session login(Credentials credentials, String workspaceName,
Map<String, Object> attributes)
throws LoginException, NoSuchWorkspaceException,
RepositoryException {
return login(credentials, workspaceName);
}
> New method: JackrabbitRepository.login(Credentials, Map<String, Object>)
> ------------------------------------------------------------------------
>
> Key: JCR-3634
> URL: https://issues.apache.org/jira/browse/JCR-3634
> Project: Jackrabbit Content Repository
> Issue Type: New Feature
> Components: jackrabbit-api
> Affects Versions: 2.7.1
> Reporter: Michael Dürig
>
> As discussed [1] we need a way for passing session attributes on login
> without having to fall back to credentials. The latter might not support
> credentials or not be present at all when authentication is handled
> externally.
> I suggest to add the following method to JackrabbitRepository:
> /**
> * Equivalent to <code>login(credentials, workspace)</code> where
> * <ul>
> * <li><code>workspace = attributes.get(ATT_WORKSPACE_NAME)</code>,</li>
> * <li><code>credentials</code> carry all and only the attributes passed
> * through the <code>attributes</code> map.</li>
> * </ul>
> *
> * @param credentials the credentials of the user
> * @param attributes the attributes to put into the session
> * @return a valid session for the user to access the repository.
> * @throws javax.jcr.LoginException if authentication or authorization for
> the
> * specified workspace fails.
> * @throws javax.jcr.NoSuchWorkspaceException if the specified workspace is
> not recognized.
> * @throws javax.jcr.RepositoryException if another error occurs.
> */
> Session login(Credentials credentials, Map<String, Object> attributes);
> See also OAK-803 for some more background.
> [1] http://markmail.org/message/lwhpglehee3jgpip
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
