On Fri, Oct 26, 2012 at 11:34 AM, Sven Meier <[email protected]> wrote: >>I don't want to promote wicket-auth-roles to be something more >> than example but moving IAuthenticationStrategy there will help for this. > > Ok, now I understand. Perhaps time to move wicket-auth-roles to > wicket-examples then :P.
Once in the wild it is not so easy to move it there now. Many people actually use it as Maven dependency and they will complain if we do this. > > Fo me IAuthenticationStrategy is an example only, so it fits perfectly into > wicket-auth-roles (and is used there only). :-) Not sure about this. It is like saying HttpSessionDataStore is not used anywhere in Wicket sources so let's drop it completely. > > Sven > > > > On 10/26/2012 10:28 AM, Martin Grigorov wrote: >> >> On Fri, Oct 26, 2012 at 11:20 AM, Sven Meier <[email protected]> wrote: >>>> >>>> Why not to improve it ? >>> >>> >>> Sure, we can improve it. >>> >>> But for now it's just an ugly interface (see the #load() method) which is >>> used by SignInPanel in wicket-auth-roles. >>> >>> >>>> -auth-roles which is actually an example >>> >>> >>> How does keeping IAuthenticationStrategy in core help wicket-auth-roles >>> being more than an example? >> >> I don't want to promote wicket-auth-roles to be something more than >> example but moving IAuthenticationStrategy there will help for this. >> >>> >>>> And the recent poll by Jeremy showed that many users use home backed >>>> solutions. >>> >>> >>> For the others we have wicketstuff-shiro already. >> >> Not quite :-) >> It has been disabled (not migrated) until now. >> >>> Best regards >>> Sven >>> >>> >>> >>> On 10/26/2012 09:55 AM, Martin Grigorov wrote: >>>> >>>> Why not to improve it ? >>>> Instead of using username/password we can improve it to use Token, >>>> with UsernamePasswordToken as default impl for >>>> DefaultAuthenticationStrategy >>>> (UsernamePasswordAuthenticationStrategy). >>>> >>>> Moving it to wicket-auth-roles will lead to explanations like: To be >>>> able to do simple things like username/passwd authentication you need >>>> to either use -auth-roles which is actually an example or roll your >>>> own impl. >>>> And the recent poll by Jeremy showed that many users use home backed >>>> solutions. >>>> >>>> On Fri, Oct 26, 2012 at 10:21 AM, Sven Meier <[email protected]> wrote: >>>>> >>>>> I agree, it would be better placed in wicket-authroles. >>>>> >>>>> Sven >>>>> >>>>> >>>>> On 10/25/2012 07:19 PM, Jesse Long wrote: >>>>>> >>>>>> Hi all, >>>>>> >>>>>> IAuthenticationStrategy is pretty much only used by wicket-authroles. >>>>>> This >>>>>> was enough cause to get Session#authenticate kicked out. >>>>>> >>>>>> Also, the interface makes some assumptions about username and password >>>>>> being the only possible authentication tokens. >>>>>> >>>>>> Maybe it should be moved to wicket-authroles using a >>>>>> Application.getMetaData() type implementation in 7? >>>>>> >>>>>> Thoughts? >>>>>> >>>>>> Thanks, >>>>>> Jesse >>>>> >>>>> >>>> >> >> > -- Martin Grigorov jWeekend Training, Consulting, Development http://jWeekend.com
