Why not to improve it ? Instead of using username/password we can improve it to use Token, with UsernamePasswordToken as default impl for DefaultAuthenticationStrategy (UsernamePasswordAuthenticationStrategy).
Moving it to wicket-auth-roles will lead to explanations like: To be able to do simple things like username/passwd authentication you need to either use -auth-roles which is actually an example or roll your own impl. And the recent poll by Jeremy showed that many users use home backed solutions. On Fri, Oct 26, 2012 at 10:21 AM, Sven Meier <[email protected]> wrote: > I agree, it would be better placed in wicket-authroles. > > Sven > > > On 10/25/2012 07:19 PM, Jesse Long wrote: >> >> Hi all, >> >> IAuthenticationStrategy is pretty much only used by wicket-authroles. This >> was enough cause to get Session#authenticate kicked out. >> >> Also, the interface makes some assumptions about username and password >> being the only possible authentication tokens. >> >> Maybe it should be moved to wicket-authroles using a >> Application.getMetaData() type implementation in 7? >> >> Thoughts? >> >> Thanks, >> Jesse > > -- Martin Grigorov jWeekend Training, Consulting, Development http://jWeekend.com
