geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevan Miller <kevan.mil...@gmail.com>
Subject Re: svn commit: r565599 - in /geronimo/server/trunk: applications/console/geronimo-console-core/src/main/java/org/apache/geronimo/console/core/security/ applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/securitymanage...
Date Tue, 14 Aug 2007 12:27:11 GMT

On Aug 14, 2007, at 2:29 AM, David Jencks wrote:

>
> On Aug 13, 2007, at 9:33 PM, Kevan Miller wrote:
>
>> I'd also make the following changes.
>>
>> Comments? The Test updates are optional, but may as well clean  
>> those up.
>
> I agree with all of these except the  
> CallerIdentityPasswordCredentialLoginModule.  I think there are two  
> choices:
>
> 1. throw a FailedLoginException() in login if   
> resourcePrincipalName == null || userName == null || password == null
> 2. do nothing except return false in commit if  
> resourcePrincipalName == null || userName == null || password == null.
>
> I lean towards the second.  Normally we will already have verified  
> that all the necessary info is present in a previous login module.   
> If its not present, then if we don't add a PasswordCredential then  
> I believe the authentication for the connector will use whatever  
> default is configured which seems to me like a reasonable fallback.

Yeah, I flip-flopped several times on how to handle  
CallerIdentityPasswordCredentialLoginModule. I'm good with 2.

--kevan

Mime
View raw message