Jerome,
Is this change going to be seen in the 1.0.x line? I was looking for it
in 1.0.2, but not seeing it. I need Vary: Authorization header support
as well (I need it for a different reason, however).
Also, due to lack of support, how do I add to Vary header? I'm calling:
Form myheaders = new Form();
myheaders.add("Vary", "Authorization");
response.getAttributes.put("org.restlet.http.headers", myheaders);
However, it seems that the Vary header is overwritten somewhere else.
The actual header coming off the server ends up being:
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
I'm missing the "Authorization" part. Where is this Vary header being
generated?
Thanks,
Adam
Jerome Louvel wrote:
Hi Stian,
Excellent idea. I have added a Dimension.AUTHORIZATION enum entry and
supported it in the HTTP client and server connectors. Checked in SVN trunk.
Best regards,
Jerome
-----Message d'origine-----
De : Stian Soiland [mailto:[EMAIL PROTECTED]
Envoyé : lundi 11 juin 2007 22:44
À : discuss@restlet.tigris.org
Objet : Vary: Authorization with Dimensions
After a discussion on rest-discuss[1] we came to some
conclusion that
a clean way for a client to find it's own user resource based
on it's
authentication would ideally be something like:
GET /users;current (or HEAD)
Authorization: (basic: stain:****)
307 Temporary redirect
Location: /users/stain
Vary: Authorization
Cache-Control: private
So the resource /users;current varies by Authorization (it is put
behind a userguard to require auth), and it redirects to whatever is
the current user's home.
(Vary says which headers in the client's request will make the
response vary, typically Accept-Charset etc.)
Now I can't set the Vary header manually (it's one of the restricted
headers), but Restlet provides a property called Dimensions for this
purpose. The closest I could get was:
public class CurrentUserResource extends Resource {
public CurrentUserResource(Context context, Request
req, Response
response) {
super(context, req, response);
}
private static URIFactory uriFactory = URIFactory.getInstance();
@Override
public void handleGet() {
// Set headers to indicate that this
redirection is only valid with
// current Authorization
Form additionalHeaders = new Form();
additionalHeaders.add("Cache-Control", "private");
// FIXME: Should be able to do Vary:
Authorization instead of *
//additionalHeaders.add("Vary", "Authorization");
getResponse().getDimensions().add(Dimension.UNSPECIFIED);
getResponse().getAttributes().put(HttpConstants.ATTRIBUTE_HEADERS,
additionalHeaders);
User user =
(User) getContext().getAttributes().get(
UserGuard.AUTHENTICATED_USER);
getResponse().redirectTemporary(uriFactory.getURI(user));
}
}
However Dimension.UNSPECIFIED would send a Vary: * so that all
headers cause vary, but it's only Authorization that does.
Is it possible to add Vary: Authorized in some other way? The
current Dimension enum doesn't have anything close.
Using:
additionalHeaders.add("Vary", "Authorization");
gives:
WARNING: Addition of the standard header "Vary" is not allowed.
Please use the Restlet API instead.
(even if getResponse().getDimensions() is empty, as when using
handleGet())
[1] http://tech.groups.yahoo.com/group/rest-discuss/message/8464
--
Stian Soiland, myGrid team
School of Computer Science
The University of Manchester
http://www.cs.man.ac.uk/~ssoiland/
