abdera-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James M Snell <jasn...@gmail.com>
Subject Re: server servlet decoupling
Date Tue, 21 Aug 2007 19:51:51 GMT
The servlets in the security module are just helpers related to XML
encryption and digital signatures.  They basically just wrap the
AbderaSecurity component that actually contains the encryption and dsig
logic.

- James

Dan Diephouse wrote:
> On 8/21/07, James M Snell <jasnell@gmail.com> wrote:
>> This was certainly one of the original intents, I just hadn't ever
>> managed to get around to it.
>>
>> Dan Diephouse wrote:
>>> I was wondering what people's thoughts were on decoupling the server
>> module
>>> from servlets a bit. This would allow abdera to be frontend by other
>> things
>>> a bit more easily (like a MINA based HTTP server).
>>>
>>> I think it would mainly involve two parts
>>> 1. Adding a thin wrapper for HttpServletResponse and use that inside the
>>> RequestHandler instead.
>> We already have ResponseContext; it's likely that can be refactored for
>> this purpose.
> 
> 
> OK. I'll see if I can't put a patch together for this for post 0.3.
> 
>> 2. Stop using Servlet Filters for things like security, and provide some
>>> sort of mechanism to do that inside abdera. (Not sure if this is
>> feasible or
>>> not - I haven't looked into this side of things too much)
>>>
>> There is already the notion of a Subject Resolver. Currently the default
>> is to get the Subject/Principal from the servlet request.  An
>> alternative Subject Resolver can be provided that pulls auth details
>> from somewhere else.
> 
> 
> I was thinking more about the abdera-security module which seems to be a
> collection of servlet filters.
> 
> - Dan

Mime
View raw message