[
https://issues.apache.org/jira/browse/SLING-5792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15418892#comment-15418892
]
Carsten Ziegeler commented on SLING-5792:
-----------------------------------------
[~anchela] Thanks for the update. I've now looked in more detail into this, and
I have to reconsider my opinion. I think an AuthenticationRequirement is not
needed - sorry for not realising this earlier:
With the service registration property AuthConstants.AUTH_REQUIREMENTS a
whiteboard pattern is defined, and any service can provide auth requirements.
Registering such a service is equivalent to calling the setRequirements,
modifying the service registration property is equivalent to calling append or
remove on your interface and removing the service is equivalent to calling
clearRequirements. The interface does not provide new functionality.
However, clearly the documentation of AuthConstants.AUTH_REQUIREMENTS is wrong
as it points to implementation details. We need to update the docs for
AuthConstants.AUTH_REQUIREMENTS as this is really public API.
The implementation of handling the modified event might be improved making
adding or removing single entries more efficient - but that's an implementation
problem.
> API to manage Authentication Requirement
> ----------------------------------------
>
> Key: SLING-5792
> URL: https://issues.apache.org/jira/browse/SLING-5792
> Project: Sling
> Issue Type: Sub-task
> Components: Authentication
> Reporter: angela
>
> Apart from the constant {{AuthConstants.AUTH_REQUIREMENTS}} there is no
> public API available that allowed applications to change the list of
> authentication requirement entries.
> Instead, applications need to know and rely on implementation details, which
> not only includes registering services with the
> {{AuthConstants.AUTH_REQUIREMENTS}} property included but also know about the
> required format of the property, which from my point of view should be and
> remain an implementation detail of
> {{org.apache.sling.auth.core.impl.SlingAuthenticator}}, which IMO should not
> be considered public API.
> To me it would feel more natural if there existed a
> {{AuthenticationRequirement}} interface defining methods to
> extend/update/clear the auth-requirements bound to a particular service
> reference and having {{org.apache.sling.auth.core.impl.SlingAuthenticator}}
> implementing that interface.
> Doing so, might also be beneficial from a performance/scalability POV but I
> would like to cover that in a separate sub-task.
> Proposal for this sub-tasks will follow as I am moving forward.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
