[
https://issues.apache.org/jira/browse/SLING-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796656#action_12796656
]
Felix Meschberger commented on SLING-966:
-----------------------------------------
Thanks for the feedback.
Re: DOING_AUTH: You are of course right.
I am even thinking of copying the old API from the Engine bundle unmodified and
copy/extend the new API. Thus completely decoupling the old from the new API.
Re Adapt existing implementations: Absolutely agreed.
> Make internal sling authentication publicly available
> -----------------------------------------------------
>
> Key: SLING-966
> URL: https://issues.apache.org/jira/browse/SLING-966
> Project: Sling
> Issue Type: Improvement
> Components: Engine
> Reporter: Felix Meschberger
> Attachments: SLING-966.patch, SLING-966b.patch
>
>
> Currently the SlingAuthenticator is an internal class in the Engine bundle,
> which is used by the SlingMainServlet to handle the authentication as part of
> an OSGi HTTP Service specification HttpContext object.
> To use the Sling authentication framework with the Authenticator and the
> AuthenticationHandlers outside of the SlingMainServlet, that is for other
> servlets directly registered with the OSGi HttpService the authentication
> functionality should be made publicly available.
> One approach would be to provide a new authenticate() method in the
> Authenticator interface. Another option would be to provide an abstract
> HttpContext which already implements the HttpContext.handleSecurity method
> using the SlingAuthenticator instance.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
