> Onderwerp: Re: Extend authentication by using http request header info > > Ronald Wildenberg wrote: > > > > That would be a possibility. I could then obtain all request info in
> > my login method. > > > > A small note on passing the request and response objects to the > > authentication implementation, however. This makes the authentication > > process completely dependent on the presence of a web interface. If > > login must later on occur by other means, this would be impossible > > without mocked request/response objects. > > No, it needs not be the only line of defense of your > authentication implementation. This 'method' is passed to the > authentication method 'login' > as the 'application' parameter. You can implement as many of > such methods as you like. 'delegate' is special for > cloud-tag, because that triggers the addition of request and > response objects to the credentials. I do not see this anywhere in the source code. I assume you mean the 'method' attribute of the <mm:cloud .../> tag? The value of this attribute is not passed to the Authentication#login(...) method, so implementing an additional authentication method is not possible this way. I see now that the authenticate attribute of the cloud tag is passed to the login method, so it is possible to use <mm:cloud method="delegate" authenticate="my_authentication" />. Maybe I'll do that. > > > I'll think some more about using this method, but I think I will need > > to subclass CloudTag and extend CloudTag#makeCloud with another login > > method. > > I don't think so. Well, maybe not :) > > Michiel > Ronald. -----------------------Disclaimer------------------------- Dit bericht (met bijlagen) is met grote zorgvuldigheid samengesteld. Voor mogelijke onjuistheid en/of onvolledigheid van de hierin verstrekte informatie kan Kennisnet geen aansprakelijkheid aanvaarden, evenmin kunnen aan de inhoud van dit bericht (met bijlagen) rechten worden ontleend. De inhoud van dit bericht (met bijlagen) kan vertrouwelijke informatie bevatten en is uitsluitend bestemd voor de geadresseerde van dit bericht. Indien u niet de beoogde ontvanger van dit bericht bent, verzoekt Kennisnet u dit bericht te verwijderen, eventuele bijlagen niet te openen en wijst Kennisnet u op de onrechtmatigheid van het gebruiken, kopi�ren of verspreiden van de inhoud van dit bericht (met bijlagen). This message (with attachments) is given in good faith. Kennisnet cannot assume any responsibility for the accuracy or reliability of the information contained in this message (with attachments), nor shall the information be construed as constituting any obligation on the part of Kennisnet. The information contained in this message (with attachments) may be confidential or privileged and is only intended for the use of the named addressee. If you are not the intended recipient, you are requested by Kennisnet to delete this message (with attachments) without opening it and you are notified by Kennisnet that any disclosure, copying or distribution of the information contained in this message (with attachments) is strictly prohibited and unlawful. ----------------------------------------------------------
