[
https://issues.apache.org/jira/browse/SLING-1314?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12804923#action_12804923
]
Carsten Ziegeler commented on SLING-1314:
-----------------------------------------
> My second proposal (which I would prefer) would be to create the new proposed
> AuthenticationFeedbackHandler interface and similar to the
> AuthenticationHandler give the possibility to register it as service on a
> given path
I think the feedback handler and the authentication handler is one unit - so I
would not split it up into to different services that have to be configured on
the same path. This might lead to configuration problems etc.
But I agree that AuthenticationInfo is more a data object - so what about this:
The Authenticator checks if the used authentication handler implements the
feedback handler interface and either calls it in this case or calls the
default feedback handler?
> Add support for login feedback from Authenticator to authentication handler
> ---------------------------------------------------------------------------
>
> Key: SLING-1314
> URL: https://issues.apache.org/jira/browse/SLING-1314
> Project: Sling
> Issue Type: New Feature
> Components: Commons
> Reporter: Felix Meschberger
>
> There might be situations (or AuthenticationHandlers, actually), desiring to
> get feedback on the outcome of authentication after providing authentication
> credentials. At the moment this "feedback" is limited to the case of failed
> login when the SlingAuthenticator calls back into the AuthenticationHandler
> to request credentials. But this is only indirect feedback in the failure
> case.
> I propose to extend the feedback transfer as follows:
> * Add AuthenticationFeedbackHandler interface with two methods:
> // called if authentication failed, handler is not expected to send
> response
> // since SlingAuthenticator will call requestCredentials
> void authenticationFailed(HttpServletRequest, HttpServletResponse,
> AuthenticationInfo)
> // called if authentication succeeded, handler may write into the
> response
> // particularly setting a cookie or the like is possible here
> void authenticationSucceeded(HttpServletRequest,
> HttpServletResponse, AuthenticationInfo)
> * Add two methods to the AuthenticationInfo class to pass in a feedback
> handler:
> // May be called by the AuthenticationHandler to request feedback
> on the authentication
> void setAuthenticationFeedbackHandler(AuthenticationFeedbackHandler)
> // forward to configured feedback handler, ignored if none
> void authenticationFailed(HttpServletRequest, HttpServletResponse)
> // forward to configured feedback handler or handle redirect
> request if none
> void authenticationSucceeded(HttpServletRequest,
> HttpServletResponse)
> * SlingAuthenticator calls the new AuthenticationInfo methods on success or
> failure after login
> * The default behaviour of the AuthenticationInfo.authenticationSucceeded
> is to redirect to a desired target. This moves the
> SlingAuthenticator.handleRedirect method to a (probably) new static method,
> which is called by the AuthenticationInfo class and which may also be called
> by any implementation of the AuthenticationFeedbackHandler.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
