Hi all, In Restlet 2.0, there is an Authenticator#optional boolean property that should let you chain several challenge authenticators (they are filters).
Regarding the OAuth extension, it won't reappear in Restlet 2.0 but in the next version. See the related RFE: "Redesign OAuth extension" http://restlet.tigris.org/issues/show_bug.cgi?id=606 Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com -----Message d'origine----- De : Rhett Sutphin [mailto:[email protected]] Envoyé : lundi 7 décembre 2009 18:57 À : [email protected] Objet : Re: Supporting multiple types of authorization for a given route Hi David, On Dec 5, 2009, at 3:47 PM, David Bordoley wrote: > I was wondering if anyone had experience offering multiple types of > authorization (HTTP BASIC, HTTP DIGEST, OAUTH, etc.) for a given route > using Restlet. It isn't immediately apparent to me what the best way > to do this is using the ChallengeAuthenticator class. Also what is the > status of the 1.1 OAUTH extension? Will it be reintroduced in the 2.0 > cycle? Thanks, In Restlet 1.1, I did this using my own Guard subclass: https://ncisvn.nci.nih.gov/svn/psc/trunk/web/src/main/java/edu/northwestern/ bioinformatics/studycalendar/restlets/PscGuard.java This code supports both HTTP Basic and an application-specific scheme called psc_token. I haven't tried to update this for Restlet 2.0 yet. My understanding is that the security infrastructure is substantially different. Rhett ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24278 85 ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2430197
