Why not to improve it ?
Sure, we can improve it.
But for now it's just an ugly interface (see the #load() method) which is used
by SignInPanel in wicket-auth-roles.
-auth-roles which is actually an example
How does keeping IAuthenticationStrategy in core help wicket-auth-roles being
more than an example?
And the recent poll by Jeremy showed that many users use home backed solutions.
For the others we have wicketstuff-shiro already.
Best regards
Sven
On 10/26/2012 09:55 AM, Martin Grigorov wrote:
Why not to improve it ?
Instead of using username/password we can improve it to use Token,
with UsernamePasswordToken as default impl for
DefaultAuthenticationStrategy
(UsernamePasswordAuthenticationStrategy).
Moving it to wicket-auth-roles will lead to explanations like: To be
able to do simple things like username/passwd authentication you need
to either use -auth-roles which is actually an example or roll your
own impl.
And the recent poll by Jeremy showed that many users use home backed solutions.
On Fri, Oct 26, 2012 at 10:21 AM, Sven Meier <[email protected]> wrote:
I agree, it would be better placed in wicket-authroles.
Sven
On 10/25/2012 07:19 PM, Jesse Long wrote:
Hi all,
IAuthenticationStrategy is pretty much only used by wicket-authroles. This
was enough cause to get Session#authenticate kicked out.
Also, the interface makes some assumptions about username and password
being the only possible authentication tokens.
Maybe it should be moved to wicket-authroles using a
Application.getMetaData() type implementation in 7?
Thoughts?
Thanks,
Jesse
