[jira] Commented: (SLING-852) PluggableLoginModule to provide DefaultLoginModule extensions via bundle services

Sun, 08 Feb 2009 12:13:23 -0800 

    [ 
https://issues.apache.org/jira/browse/SLING-852?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12671667#action_12671667
 ] 

Felix Meschberger commented on SLING-852:
-----------------------------------------

Thanks for supplying this patch. I have applied it slightly modified in Rev. 
742152

Changes to the original patch:

* The LoginModulePlugin tracker is maintained in the Activator for it to be 
closed when the bundle is stopped. I am always a bit weary if things are not 
cleaned up properly and LoginModules of Jackrabbit have no lifecycle support. 
By maintaining the tracker in the Activator, I can close it when the bundle is 
stopped.

* As discussed I moved the classes from o.a.s.jcr.jackrabbit.server to 
o.a.s.jcr.jackrabbit.server.impl (to mark them as implementation as opposed to 
the new security API)

* Applied a small fix to the DOCTYPE of the repository.xml (this error was 
pre-existing and is unrelated to this patch)

> PluggableLoginModule to provide DefaultLoginModule extensions via bundle 
> services
> ---------------------------------------------------------------------------------
>
>                 Key: SLING-852
>                 URL: https://issues.apache.org/jira/browse/SLING-852
>             Project: Sling
>          Issue Type: New Feature
>          Components: JCR
>    Affects Versions: JCR Jackrabbit Server 2.0.2
>            Reporter: Rory Douglas
>            Assignee: Felix Meschberger
>            Priority: Minor
>         Attachments: jackrabbit-server.patch
>
>
> Enhance the Jackrabbit Server module by adding a PluggableDefaultLoginModule 
> extending DefualtLoginModule and a LoginModulePlugin interface. The 
> PluggableDefaultLoginModule uses the LoginModulePlugin instances to verify 
> the credentials presented by the user.  
> The PluggableDefaultLoginModule falls back to the DefaultLoginModule 
> implementation if there is not support for the Credentials instance presented.
> This approach allows custom AuthenticationHandlers to provide custom login 
> behavior for the Credentials they pass to the SlingAuthenticator - 
> particularly useful when no password is made available to the handler by the 
> authentication process.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to