DO NOT REPLY [Bug 28286] - Loosely couple SingleSignOn Valve and Authenticators

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28286

Loosely couple SingleSignOn Valve and Authenticators

[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 28286] - Loosely couple SingleSignOn Valve and Authenticators

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28286

Loosely couple SingleSignOn Valve and Authenticators





--- Additional Comments From [EMAIL PROTECTED]  2004-04-26 16:44 ---
I'm all for making the entry public. I think I'm going to apply your patch.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 28286] - Loosely couple SingleSignOn Valve and Authenticators

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28286

Loosely couple SingleSignOn Valve and Authenticators





--- Additional Comments From [EMAIL PROTECTED]  2004-04-26 21:58 ---
This is committed. I don't see the point of not allowing to extend the entry as
well, so I also patched it.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 28286] - Loosely couple SingleSignOn Valve and Authenticators

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28286

Loosely couple SingleSignOn Valve and Authenticators





--- Additional Comments From [EMAIL PROTECTED]  2004-04-25 14:55 ---
After reviewing, I am not going to apply this patch or the other. I don't see
the point of adding complexity and additional interfaces when SSO is used
through a standard Valve (SingleSignOn), which can easily be extended to
implement the needed clustering support.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 28286] - Loosely couple SingleSignOn Valve and Authenticators

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28286

Loosely couple SingleSignOn Valve and Authenticators





--- Additional Comments From [EMAIL PROTECTED]  2004-04-26 05:48 ---
I thought you might feel that way about the 28039 patch, which is one reason 
why I wrote the interface proposal ;-)  And, it's true an interface isn't 
absolutely needed; subclassing would work.  The fact that SingleSignOnEntry is 
not public (and I'm not arguing it should be) is a big stumbling block in 
easily subclassing SingleSignOn, but getting around that problem in a subclass 
is no harder than writing a whole new implementation of an interface.

But, to get subclassing to work effectively, a couple things need to be 
changed:

1) AuthenticatorBase.reauthenticateFromSSO() invokes SingleSignOn.lookup().  
This method returns a SingleSignOnEntry, which is a package protected class.  
This effectively precludes subclassing this method.  

2) SingleSignOn.update() is package protected, again preventing subclassing.

I'm attaching another patch that addresses these two issues by:

1) Changing the way AuthenticatorBase.reauthenticateFromSSO() works so it does 
not need to call SingleSignOn.lookup().  lookup() is now only called 
internally in SingleSignOn, so someone who wished to write a subclass could 
just remove any calls to it, write their own lookup algorithm, and replace 
SingleSignOnEntry with their own class.

2) Makes SingleSignOn.update() protected.

Maybe 3rd time's the charm? ;-)

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 28286] - Loosely couple SingleSignOn Valve and Authenticators

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28286

Loosely couple SingleSignOn Valve and Authenticators





--- Additional Comments From [EMAIL PROTECTED]  2004-04-26 05:49 ---
Created an attachment (id=11330)
Patch to allow subclassing

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 28286] - Loosely couple SingleSignOn Valve and Authenticators

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28286

Loosely couple SingleSignOn Valve and Authenticators





--- Additional Comments From [EMAIL PROTECTED]  2004-04-10 15:11 ---
Your two related patches seem useful. I'll look at them.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 28286] - Loosely couple SingleSignOn Valve and Authenticators

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28286

Loosely couple SingleSignOn Valve and Authenticators





--- Additional Comments From [EMAIL PROTECTED]  2004-04-10 18:06 ---
Great.  I'm sorry to say the two patches conflict (not logically, but in the 
sense that they are diffs to the same code base), but if one is committed I'll 
gladly redo the other.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 28286] - Loosely couple SingleSignOn Valve and Authenticators

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=28286.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28286

Loosely couple SingleSignOn Valve and Authenticators





--- Additional Comments From [EMAIL PROTECTED]  2004-04-08 17:37 ---
Created an attachment (id=11188)
Patch with a diff and new interface SSOValve

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]