Hi David, Im working on a standalone app as requested - I keep changing my my mind about the design however.
Creating the challenges is no problem, as they are just subclasses of LiftResponse, however, I cant settle on how best to handle the authorization. If I want to create a challenge, then that obviously needs to be in a addDispatchBefore block as its a subclass of LiftResponse. However, as I got thinking about this, and what would happen if the client preempted the challenge and passed the Authorization header we want to check the contents of that header using the code im writing, and then continue with servicing that request (or create a challenge if the auth failed) So then - it strikes me that the security concepts of this belong with SiteMap, but actually serving the challenges etc belong with dispatching... Can someone lend me some guidence on the most lift appropriate design? Im all ears :-) Cheers Tim --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Lift" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~----------~----~----~----~------~----~------~--~---
