Hi Adam, As the new Dimension required an API change, it will only go into version 1.1. The Vary header is currently generated inside the HTTP connector by looking at the "Response.dimensions" property value.
There is already a stable snapshot of Restlet 1.1 available: http://www.restlet.org/downloads/1.1/current.zip If you are not planning to go into production soon, this could be a good basis for development. Best regards, Jerome > -----Message d'origine----- > De : Adam Taft [mailto:[EMAIL PROTECTED] > Envoyé : dimanche 8 juillet 2007 08:15 > À : [email protected] > Objet : Re: Vary: Authorization with Dimensions > > Jerome, > > Is this change going to be seen in the 1.0.x line? I was > looking for it > in 1.0.2, but not seeing it. I need Vary: Authorization > header support > as well (I need it for a different reason, however). > > Also, due to lack of support, how do I add to Vary header? > I'm calling: > > Form myheaders = new Form(); > myheaders.add("Vary", "Authorization"); > response.getAttributes.put("org.restlet.http.headers", myheaders); > > However, it seems that the Vary header is overwritten somewhere else. > The actual header coming off the server ends up being: > > Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept > > I'm missing the "Authorization" part. Where is this Vary > header being > generated? > > Thanks, > > Adam > > > Jerome Louvel wrote: > > Hi Stian, > > > > Excellent idea. I have added a Dimension.AUTHORIZATION enum > entry and > > supported it in the HTTP client and server connectors. > Checked in SVN trunk. > > > > Best regards, > > Jerome > > > >> -----Message d'origine----- > >> De : Stian Soiland [mailto:[EMAIL PROTECTED] > >> Envoyé : lundi 11 juin 2007 22:44 > >> À : [email protected] > >> Objet : Vary: Authorization with Dimensions > >> > >> > >> After a discussion on rest-discuss[1] we came to some > >> conclusion that > >> a clean way for a client to find it's own user resource based > >> on it's > >> authentication would ideally be something like: > >> > >> > >> GET /users;current (or HEAD) > >> Authorization: (basic: stain:****) > >> > >> 307 Temporary redirect > >> Location: /users/stain > >> Vary: Authorization > >> Cache-Control: private > >> > >> So the resource /users;current varies by Authorization (it is put > >> behind a userguard to require auth), and it redirects to > whatever is > >> the current user's home. > >> > >> (Vary says which headers in the client's request will make the > >> response vary, typically Accept-Charset etc.) > >> > >> > >> Now I can't set the Vary header manually (it's one of the > restricted > >> headers), but Restlet provides a property called > Dimensions for this > >> purpose. The closest I could get was: > >> > >> > >> public class CurrentUserResource extends Resource { > >> public CurrentUserResource(Context context, Request > >> req, Response > >> response) { > >> super(context, req, response); > >> } > >> > >> private static URIFactory uriFactory = URIFactory.getInstance(); > >> > >> @Override > >> public void handleGet() { > >> // Set headers to indicate that this > >> redirection is only valid with > >> // current Authorization > >> > >> Form additionalHeaders = new Form(); > >> additionalHeaders.add("Cache-Control", "private"); > >> > >> // FIXME: Should be able to do Vary: > >> Authorization instead of * > >> //additionalHeaders.add("Vary", "Authorization"); > >> > >> getResponse().getDimensions().add(Dimension.UNSPECIFIED); > >> > >> > >> getResponse().getAttributes().put(HttpConstants.ATTRIBUTE_HEADERS, > >> additionalHeaders); > >> > >> User user = > >> (User) getContext().getAttributes().get( > >> UserGuard.AUTHENTICATED_USER); > >> > >> getResponse().redirectTemporary(uriFactory.getURI(user)); > >> } > >> } > >> > >> > >> > >> However Dimension.UNSPECIFIED would send a Vary: * so that all > >> headers cause vary, but it's only Authorization that does. > >> > >> > >> Is it possible to add Vary: Authorized in some other way? The > >> current Dimension enum doesn't have anything close. > >> > >> Using: > >> additionalHeaders.add("Vary", "Authorization"); > >> > >> gives: > >> > >> WARNING: Addition of the standard header "Vary" is not allowed. > >> Please use the Restlet API instead. > >> > >> (even if getResponse().getDimensions() is empty, as when using > >> handleGet()) > >> > >> > >> [1] http://tech.groups.yahoo.com/group/rest-discuss/message/8464 > >> > >> -- > >> Stian Soiland, myGrid team > >> School of Computer Science > >> The University of Manchester > >> http://www.cs.man.ac.uk/~ssoiland/ > >>
