[jira] Closed: (SLING-1314) Add support for login feedback from Authenticator to authentication handler

Fri, 27 Aug 2010 01:52:25 -0700 

     [ 
https://issues.apache.org/jira/browse/SLING-1314?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Felix Meschberger closed SLING-1314.
------------------------------------


Close after release

> Add support for login feedback from Authenticator to authentication handler
> ---------------------------------------------------------------------------
>
>                 Key: SLING-1314
>                 URL: https://issues.apache.org/jira/browse/SLING-1314
>             Project: Sling
>          Issue Type: New Feature
>          Components: Authentication
>            Reporter: Felix Meschberger
>            Assignee: Felix Meschberger
>             Fix For: Auth Core 1.0.0
>
>         Attachments: SLING-1314.patch, 
> SLING-1314_fix_AuthenticationInfo_remove.txt
>
>
> There might be situations (or AuthenticationHandlers, actually), desiring to 
> get feedback on the outcome of authentication after providing authentication 
> credentials. At the moment this "feedback" is limited to the case of failed 
> login when the SlingAuthenticator calls back into the AuthenticationHandler 
> to request credentials. But this is only indirect feedback in the failure 
> case.
> I propose to extend the feedback transfer as follows:
>   * Add AuthenticationFeedbackHandler interface with two methods:
>           // called if authentication failed, handler is not expected to send 
> response
>           // since SlingAuthenticator will call requestCredentials
>           void authenticationFailed(HttpServletRequest, HttpServletResponse, 
> AuthenticationInfo)
>           // called if authentication succeeded, handler may write into the 
> response
>           // particularly setting a cookie or the like is possible here
>           void authenticationSucceeded(HttpServletRequest, 
> HttpServletResponse, AuthenticationInfo)
>   * Add  two methods to the AuthenticationInfo class to pass in a feedback 
> handler:
>           // May be called by the AuthenticationHandler to request feedback 
> on the authentication
>           void setAuthenticationFeedbackHandler(AuthenticationFeedbackHandler)
>           // forward to configured feedback handler, ignored if none
>           void authenticationFailed(HttpServletRequest, HttpServletResponse)
>           // forward to configured feedback handler or handle redirect 
> request if none
>           void authenticationSucceeded(HttpServletRequest, 
> HttpServletResponse)
>   * SlingAuthenticator calls the new AuthenticationInfo methods on success or 
> failure after login
>   * The default behaviour of the AuthenticationInfo.authenticationSucceeded 
> is to redirect to a desired target. This moves the 
> SlingAuthenticator.handleRedirect method to a (probably) new static method, 
> which is called by the AuthenticationInfo class and which may also be called 
> by any implementation of the AuthenticationFeedbackHandler.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to