Hi,
On 17.08.2010 08:35, Mike Müller wrote:
>>>> snip snap
>>> So my suggestion is to make a tiny enhancement to the
>>> AuthenticationInfoPostProcessor and to abandon my patch with
>>> the CredentialsValidator.
>>> I would let the postProcess method throw an exception in which
>>> case Sling should abort the request dispatching. Because in this
>>> case AuthenticationInfoPostProcessor is much more generic than
>>> the CrednetialsValidator (which should only validate credentials)
>>> Sling can't handle the Exception in a predefined manner, that means
>>> the AuthenticationInfoPostProcessor has to forward to a login or
>>> whatever in case of en error.
>>
>> This is fine with me. It is just a matter of adding "throws Exception"
>> to the postProcess() method? Or did you have a specific exception in
>> mind?
>>
>> Justin
>
> I'm fine with just a plain Exception. But we also have to make a small
> change in the SlingAuthenticator to catch the Exception and return false
> in the handleSecurity method.
> I will prepare a patch and attach it to SLING-1593.
I happen to dislike plain Exception.
How about this:
* We declare LoginException as a checked exception which may
be thrown and handled like LoginException thrown from the
ResourceResolverFactory.getResourceResolver method
* Document SlingException may be thrown to convey any problem
while handling the credentials
* In the SlingAuthenticator we will still catch all Exceptions
and only handle LoginException specially
WDYT ?
Regards
Felix
>
> best regards
> mike
>
