On 1/4/08, Kevin Conaway <[EMAIL PROTECTED]> wrote: > Perhaps some kind of hook would be appropriate in authenticate(). > Adding that kind of behavior to checkSecrets() feels bolted on to me > because checkSecrets() now becomes "check secrets, but maybe do some > other stuff too" > > Perhaps in authenticate(), if checkSecrets() is true, call > authenticated(Request) which is a no-op by default.
The problem is that I need to chat with a web service to see if the credentials are valid. If they are, then I get some identity information returned that I want to store on the request. If I wanted to make two request to that web service, the current class works fine because the authorize() method has the request and response as parameters. --Alex Milowski
