On Sunday November 25, 2001 03:24 pm, Tavis Rudd wrote: > On Saturday 24 November 2001 21:06, Ian Bicking wrote: > > Let's see, I missed most of the latter part of this discussion. > > I'll add to the Wiki pages, but there's a particular point I was > > confused about: > > > > On Wed, 2001-11-21 at 14:13, Tavis Rudd wrote: > > > * At what stage in the request-response cycle does > > > authentification take place (Adapter, Application, or Servlet)? > > > Doing it at the Adapter level means we can use the same mechanism > > > to protect content that isn't served via WebKit. Doing it at the > > > Application level means that we can also protect static content > > > that is served via WebKit. Doing it at the Servlet level means > > > that we can only protect servlets. > > > > I'm not entirely clear about what you are thinking of here. > > > > First, isn't everything Webware serves a Servlet? Even static > > files (that are handled by Webware) are passed through as a > > servlet. > > That's true, but the developer doesn't neccessarily have direct > access to those servlets ... unless they make a custom servlet > factory for unknown file types. And if you're fiddling with servlet > factories, you're fiddling with the Application.
It doesn't have to be that way. We could have a way to add new servlet factories and associate them with extensions without having to mess with Application at all. It would just be some settings in the Application.config that mapped extensions to servlet factory classes. Actually, now that I think about it, I'm surprised it doesn't already work this way :-) It wouldn't be hard to add in the config variables. - Geoff _______________________________________________ Webware-discuss mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/webware-discuss
