[
https://issues.apache.org/jira/browse/TINKERPOP-1657?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15953681#comment-15953681
]
ASF GitHub Bot commented on TINKERPOP-1657:
-------------------------------------------
Github user spmallette commented on the issue:
https://github.com/apache/tinkerpop/pull/583
@robertdale i'm glad you're thinking at that level wrt to security aspects
of Gremlin Server. My understanding of SSL beyond what I've implemented so far
is pretty weak, so if you have additional ideas there that would make things
better that would be great. I can't say if this PR helps with what you
described. My understanding of your comment makes me feel like it doesn't help
directly and that the current way to do that would be a fresh `Channelizer`
implementation, but I could be missing something.
> Provide abstraction to easily allow different HttpAuth schemes
> --------------------------------------------------------------
>
> Key: TINKERPOP-1657
> URL: https://issues.apache.org/jira/browse/TINKERPOP-1657
> Project: TinkerPop
> Issue Type: Improvement
> Components: server
> Reporter: Keith Lohnes
>
> The current HttpChannelizer allows for extension through an Authenticator
> class supplied through the authorization settings. There isn't, however, an
> extension point for an authentication handler. Currently the choice is
> between the `AllowAllAuthenticator` or the `HttpBasicAuthenticationHandler`.
> One would need to create a new channelizer where the HttpChannelizer would
> suffice. Creating an abstract class that can be extended would make it easier
> to extend Authentication for things like token authentication schemes.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
