Refine initiaition of the authentication process
------------------------------------------------
Key: SLING-938
URL: https://issues.apache.org/jira/browse/SLING-938
Project: Sling
Issue Type: Improvement
Components: Engine
Affects Versions: Engine 2.0.2
Reporter: Felix Meschberger
Assignee: Felix Meschberger
Fix For: Engine 2.0.4
Currently the authentication process can only be initiated by explicitly
calling a login page provided by some AuthenticationHandler implementation
bundle. There is no way to initiate the authentication process from within a
servlet or script (e.g. to have the user log in a 404/NOT FOUND error handler).
To support this kind of functionality the existing
SlingAuthenticator.requestAuthentcation method should be publicly accessible
through Service interface. Servlets or scripts which want to request
authentication from the client for the current request may then call this
service method.
This method applies the same authentication handler selection algorithm for the
given HttpServletRequest object as it does for finding the authentication
handler in the authenticate process. This ensures, that for a given request,
the appropriate authentication handler is called which is then able to initiate
authentication appropriately, for example by drawing a form.
For full details refer to
http://cwiki.apache.org/SLING/authentication-initiation.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
