Seems okay. My only questions are: * Is it necessary to surface GadgetExceptions in many places? * Is there any particular reason BlobCrypter is calling URLDecoder.decode()? Maybe we should rename it UrlEncodedBlobCrypter :)
On 3/27/08 3:43 PM, "Kevin Brown" <[EMAIL PROTECTED]> wrote: > On Thu, Mar 27, 2008 at 3:38 PM, Brian Eaton <[EMAIL PROTECTED]> wrote: > >> Patch attached here: >> https://issues.apache.org/jira/secure/ManageAttachments.jspa?id=12392506 >> >> This doesn't do OAuth, it just has the refactoring. If people are >> happy with this approach then OAuth is very close behind. >> >> Paul, Kevin, others? Comments? > > > I think it looks fine -- some minor issues like using StringBuffers instead > of StringBuilders in non-threaded code, but we can always fix that later. > > >> >> On Mon, Mar 24, 2008 at 6:11 PM, Brian Eaton <[EMAIL PROTECTED]> wrote: >>> On Mon, Mar 24, 2008 at 6:07 PM, Kevin Brown <[EMAIL PROTECTED]> wrote: >>>> How about a handler to filter out all requests to internal >> addresses? Filter >>>> out certain request headers? >>> >>> OK, good ideas. >>> >>> >>> On Mon, Mar 24, 2008 at 6:08 PM, Paul Lindner <[EMAIL PROTECTED]> wrote: >>>> I could see a case for a number of handlers. Especially in the areas >> of >>>> caching and authorization (including quota/throttling), etc.. >>> >>> Two more good ideas. >>> >>> I withdraw my earlier comments about not seeing a need for more than >>> two handlers in the chain. >>> >> > >
