Michiel Meeuwissen wrote:
A new method on CloudContext:
/** * Acquires information about the currently configured Authentication implementation. * @since MMBase-1.8 */ public AuthenticationData getAuthentication();
which simply returns mmb.getMMBaseCop().getAuthentication();
We must indeed use a String here, identifying the cloud
static final int METHOD_UNSET = -1;
// general methods static final int METHOD_ANONYMOUS = 0; static final int METHOD_DELEGATE = 1; static final int METHOD_PAGELOGON = 2;
// http methods
static final int METHOD_HTTP = 100;
static final int METHOD_ASIS = 101;
static final int METHOD_LOGOUT = 102;
static final int METHOD_LOGINPAGE = 103;
static final int METHOD_SESSIONDELEGATE = 104;
static final int METHOD_SESSIONLOGON = 105;
Why not strings? this will be a lot clearder IMHO
//static final int METHOD_GIVEN_OR_ANONYMOUS = 5;
static final int METHOD_DEFAULT = Integer.MAX_VALUE;
/** * Common parameters for logon-info */ static final Parameter PARAMETER_USERNAME = new Parameter("username", String.class); static final Parameter PARAMETER_PASSWORD = new Parameter("password", String.class); static final Parameter PARAMETER_USERNAMES = new Parameter("usernames", java.util.List.class); static final Parameter PARAMETER_RANK = new Parameter("rank", Rank.class);
/** * The method returns wether the UserContext has become invalid for some reason (change in security config?) * @param userContext The UserContext of which we want to know the rights * @return <code>true</code> when valid, otherwise <code>false</code> * @exception SecurityException When something strang happend */ boolean isValid(UserContext userContext) throws SecurityException;
/**
* Several 'methods' to authenticate could be available.
* This method converts a user-friendly string describing the 'method' to a integer constant which can be used in * [EMAIL PROTECTED] getApplications(int)}.
* @param m A String like 'http', 'anonymous', 'loginpage', or 'delegatesession'. * @return An integer contant.
*/
int getMethod(String m);
Why do we have this method? I dont want to have integer values,...
/**
* The security implementation can override a default method. The default default method (as
* implemented in [EMAIL PROTECTED] org.mmbase.security.Authentication} for the 'http' protocol is HTTP
* (which means that basic authentication of the http protocol can be used), but may not be
* feasible for every implementation (it is e.g. useless if the security implementation does not have
* name/password authentication).
* @param protocol For which protocol or <code>null</code>, which means 'HTTP/1.1'.
*/
int getDefaultMethod(String protocol);
What is the difference between getTypes(protocol)[0]?
/** * Gives all availabe authentication types. The first one can be used as the default. */ String[] getTypes();
/** * For a given method, returns the available 'applications'. The first one can be used as the default. */ String[] getTypes(int method);
/**
* For a given authentication type returns a parameters object to fill with credentials. [EMAIL PROTECTED] Parameters#toMap} can be used as the second argument * for [EMAIL PROTECTED] org.mmbase.security.Authentication#login}
*/
Parameters getParameters(String application);
Maybe im overlooking something, but imho you could also solve it with the following interface:
AuthenticationData {
String[] getMethods() {
return String[] getMethods("HTTP/1.1");
}
/**
* Order of result specifies what should be the path of
negociation, first try the method at [0] (the defualt)
*/
String[] getMethods(String protocol);
Parameter[] getParameters(String method);
boolean isValid(UserContext userContext);
}And i dont understand competely the difference between protocol / application / method ;)
Also, when i designed the security it was possible to wrap JAAS, did you have a peek at how they solved this? (i dont remeber how it worked)
_______________________________________________
Developers mailing list
[email protected]
http://lists.mmbase.org/mailman/listinfo/developers
