On Sun, Feb 1, 2009 at 2:27 AM, Rory Douglas <[email protected]> wrote: > When multiple AuthenticationHandlers are registered for a given path prefix, > the SlingAuthenticator tries each one in turn until one returns an > AuthenticationInfo object. There is no way to control the order in which > the handlers are tried.
A solution that is sub-optimal, but at least gives you full control and works with current Sling, is simply to write your custom authentication handler that handles all cases in the correct order. For example, if you want to handle OpenID and fall back to HTTP Basic Auth if no OpenID is available, you could subclass from the existing basic auth handler; in there you call/check for OpenID auth first and call the super implementation if no OpenID is available. This way you can also handle corner-cases where two authentication schemes might overlap in some way. But I would still opt for re-use of existing classes through simple configuration, most cases are probably rather simple and just require the proper order. Regards, Alex -- Alexander Klimetschek [email protected]
