Hi Felix, Thank you for the hints. Actually I found out there were problems with the service registration, hence the weird behavior. Now I fixed the issue and everything works as expected.
Thanks again, Davide On Thu, Feb 18, 2010 at 11:11 PM, Felix Meschberger <[email protected]>wrote: > Hi, > > On 18.02.2010 17:04, Davide Maestroni wrote: > > Hi all, > > > > I have some problems with authentication: maybe I'm missing something but > I > > couldn't have it work as expected. > > > > What I would like to do is to have an AuthenticationHandler to manage > > authentication for all the resources under the path "/root", with the > > exception of the login servlet, which I registered under the path > > "/root/login". > > To achieve it I implemented and register my handler adding the following > SCR > > properties: > > > > * @scr.property nameRef="AuthenticationHandler.PATH_PROPERTY" > > * value="/root" > > * @scr.property name="sling.auth.requirements" > > * value="/root" > > > > Then I implemented and registered the login servlet with the following > > properties: > > > > * @scr.property name="sling.auth.requirements" value="-/root/login" > > > > When I tried to get a resource (let's say "/root/res1") I expected my > > handler to be called for authentication, and so it happened. The handler > > returned null credentials since no login was performed yet, and I > expected > > the authentication to fail, but, unfortunately, this did not happen. > > So, I tried to disable any anonymous session from the web console, and > this > > time the access was denied. But, when I then tried to call the login > > servlet, I was not authorized to do so. > > > > Is there something wrong with my properties? Am I using the > authentication > > framework in the wrong way? > > Is there a way to achieve what I want without the need to disable > anonymous > > sessions? > > Your setup looks right and should be sufficient, no need to disable > anonymous login. > > Do you have the latest trunk builds of the Commons Auth and Engine > bundles installed ? > > You might also want to check the "Authenticator" page in the Web Console > for the correct setup of the Authentication requirements. > > Regards > Felix > > > > > Thanks in advance, > > > > Dave > > >
