Sumit Verma said the following on 06/03/2011 05:28 PM: > Isn't the method name onAuthenticate() misleading then? Because it's > not firing _on_ authentication request. If it's a lifecycle method > wouldn't it be better to call it Authenticate()... Possibly. The original thinking behind things is that onAuthenticate would always be called if defined -- indicating that authentication is needed for this endpoint. Whether or not authentication for all requests to the endpoint is needed is up to the concrete endpoint implementation.
It just happens to be that the REST endpoints allow you set metadata on the method to see if that method needs authentication. I can see how it might cause a little confusion if you look at it in particular light. The endpoint request life cycle is much more course in nature while the functionality offered in the REST endpoint is much more granular. @Doug, thoughts on a name change? I'm less apt to change it. .pjf -- Peter J. Farrell [email protected] [email protected] http://blog.maestropublishing.com Identi.ca / Twitter: @maestrofjp -- To post to this group, send email to [email protected] For more options and to unsubscribe, visit this group at http://groups.google.com/group/mach-ii-for-coldfusion?hl=en SVN: http://svn.mach-ii.com/machii/ Wiki / Documentation / Tickets: http://trac.mach-ii.com/machii/
