Once in the wild it is not so easy to move it there now.
Knowing the Wicket devs this won't be the only API break in Wicket 7.
It is like saying HttpSessionDataStore is not
used anywhere in Wicket sources so let's drop it completely.
See subject.
Sven
On 10/26/2012 10:56 AM, Martin Grigorov wrote:
On Fri, Oct 26, 2012 at 11:34 AM, Sven Meier <[email protected]> wrote:
I don't want to promote wicket-auth-roles to be something more
than example but moving IAuthenticationStrategy there will help for this.
Ok, now I understand. Perhaps time to move wicket-auth-roles to
wicket-examples then :P.
Once in the wild it is not so easy to move it there now. Many people
actually use it as Maven dependency and they will complain if we do
this.
Fo me IAuthenticationStrategy is an example only, so it fits perfectly into
wicket-auth-roles (and is used there only).
:-) Not sure about this. It is like saying HttpSessionDataStore is not
used anywhere in Wicket sources so let's drop it completely.
Sven
On 10/26/2012 10:28 AM, Martin Grigorov wrote:
On Fri, Oct 26, 2012 at 11:20 AM, Sven Meier <[email protected]> wrote:
Why not to improve it ?
Sure, we can improve it.
But for now it's just an ugly interface (see the #load() method) which is
used by SignInPanel in wicket-auth-roles.
-auth-roles which is actually an example
How does keeping IAuthenticationStrategy in core help wicket-auth-roles
being more than an example?
I don't want to promote wicket-auth-roles to be something more than
example but moving IAuthenticationStrategy there will help for this.
And the recent poll by Jeremy showed that many users use home backed
solutions.
For the others we have wicketstuff-shiro already.
Not quite :-)
It has been disabled (not migrated) until now.
Best regards
Sven
On 10/26/2012 09:55 AM, Martin Grigorov wrote:
Why not to improve it ?
Instead of using username/password we can improve it to use Token,
with UsernamePasswordToken as default impl for
DefaultAuthenticationStrategy
(UsernamePasswordAuthenticationStrategy).
Moving it to wicket-auth-roles will lead to explanations like: To be
able to do simple things like username/passwd authentication you need
to either use -auth-roles which is actually an example or roll your
own impl.
And the recent poll by Jeremy showed that many users use home backed
solutions.
On Fri, Oct 26, 2012 at 10:21 AM, Sven Meier <[email protected]> wrote:
I agree, it would be better placed in wicket-authroles.
Sven
On 10/25/2012 07:19 PM, Jesse Long wrote:
Hi all,
IAuthenticationStrategy is pretty much only used by wicket-authroles.
This
was enough cause to get Session#authenticate kicked out.
Also, the interface makes some assumptions about username and password
being the only possible authentication tokens.
Maybe it should be moved to wicket-authroles using a
Application.getMetaData() type implementation in 7?
Thoughts?
Thanks,
Jesse
