[
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796639#action_12796639
]
Mike Müller commented on SLING-966:
-----------------------------------
I checked the patch. There are some minor problems:
To be backwards compatible we should define the DOING_AUTH property on the
"old" AuthenticationInfo as well and to be able to do that we need also a
constructor without parameters here.
I will attach a new patch which includes these changes.
To commit it we maybe should implement the new interface on
AuthorizationHeaderAuthenticationHandler and OpenIDAuthenticationHandler to get
rid of the deprecations.
> Make internal sling authentication publicly available
> -----------------------------------------------------
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Reporter: Felix Meschberger
> Attachments: SLING-966.patch
>
>
> Currently the SlingAuthenticator is an internal class in the Engine bundle,
> which is used by the SlingMainServlet to handle the authentication as part of
> an OSGi HTTP Service specification HttpContext object.
> To use the Sling authentication framework with the Authenticator and the
> AuthenticationHandlers outside of the SlingMainServlet, that is for other
> servlets directly registered with the OSGi HttpService the authentication
> functionality should be made publicly available.
> One approach would be to provide a new authenticate() method in the
> Authenticator interface. Another option would be to provide an abstract
> HttpContext which already implements the HttpContext.handleSecurity method
> using the SlingAuthenticator instance.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
