On Mon, 2010-05-03 at 17:37 -0400, Eric Rizzo wrote: > I'm writing a "bridge" web app that needs to accept login from > credentials from users and use HttpClient to authenticate them to > another site/service. I also need to remember the session (track it in > my app's session) so that my app can continue interactions with the > other site/service. > After reading the docs and tutorials (well, what seem like the > relevant parts), my thought is to use a single HttpClient instance and > store individual HttpContext instances with each of my user sessions. > Does that make sense, or would it be better to just use a separate > HttpClient instance per user? Or some other strategy?
Single HttpClient instance and a separate local HttpContext per user / thread is the way to go > As for the custom authentication, I'm struggling on how to plug in > there. I don't think I can just write a CredentialsProvider, because > the credentials should not be shared in the HttpClient (which is > shared for the whole app), You can always set a different CredentialsProvider in the local context which will override the one set at the client level > plus I have to get the credentials from my > own app's authentication process (using aSpring > AuthenticationProvider, if anyone cares) and the CrednetialsProvider > interface does not seem to provide enough contect for me to get the > credentials at login time. > Why is that? > So, are there any example of this kind of thing or ideas for how best > to architect this? I've been unable to find any examples that seem to > apply, but am willing to do more reading or experimentation if pointed > in the right directions. > I still do see a good reason why you could not implement a custom credentials provider and create a different instance of it on a per user / thread basis. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
