Just out of curiosity: why are you so keen on not being locked into the web-tier, while the actual base for your authentication is that very tier (i.e. http headers)? When will you want to check http headers outside the web-tier? On the other hand I agree with the general argument that the mmbase core should not pass these specific objects within the core.
Ernst > -----Oorspronkelijk bericht----- > Van: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Namens Ronald Wildenberg > Verzonden: dinsdag 5 oktober 2004 14:26 > Aan: [EMAIL PROTECTED] > Onderwerp: RE: Extend authentication by using http request header info > > > > Ronald Wildenberg wrote: > > > I do not see this anywhere in the source code. I assume > you mean the > > > > 'method' attribute of the <mm:cloud .../> tag? The value of this > > > attribute is not passed to the Authentication#login(...) > method, so > > > implementing an additional authentication method is not possible > this > > > way. > > > > > > I thought you wanted to (optionally) not use the cloud-tag? > > Well, I do not wish to have my authentication implementation > depend on web tier objects like HttpServletRequest. This way > you prevent usage of the implementation from any code that > can not deliver these types of objects. > > Ronald. > > > > -----------------------Disclaimer------------------------- > Dit bericht (met bijlagen) is met grote zorgvuldigheid > samengesteld. Voor mogelijke onjuistheid en/of onvolledigheid > van de hierin verstrekte informatie kan Kennisnet geen > aansprakelijkheid aanvaarden, evenmin kunnen aan de inhoud > van dit bericht (met bijlagen) rechten worden ontleend. De > inhoud van dit bericht (met bijlagen) kan vertrouwelijke > informatie bevatten en is uitsluitend bestemd voor de > geadresseerde van dit bericht. Indien u niet de beoogde > ontvanger van dit bericht bent, verzoekt Kennisnet u dit > bericht te verwijderen, eventuele bijlagen niet te openen en > wijst Kennisnet u op de onrechtmatigheid van het gebruiken, > kopi�ren of verspreiden van de inhoud van dit bericht (met bijlagen). > > This message (with attachments) is given in good faith. > Kennisnet cannot assume any responsibility for the accuracy > or reliability of the information contained in this message > (with attachments), nor shall the information be construed as > constituting any obligation on the part of Kennisnet. The > information contained in this message (with attachments) may > be confidential or privileged and is only intended for the > use of the named addressee. If you are not the intended > recipient, you are requested by Kennisnet to delete this > message (with attachments) without opening it and you are > notified by Kennisnet that any disclosure, copying or > distribution of the information contained in this message > (with attachments) is strictly prohibited and unlawful. > ---------------------------------------------------------- > > >
