geronimo-dev mailing list archives

From "David Jencks (JIRA)" <>
Subject [jira] Commented: (GERONIMO-5468) Support authenticate/login/logout methods in the HttpServletRequest interface
Date Sat, 18 Sep 2010 07:12:32 GMT


David Jencks commented on GERONIMO-5468:

I had a very informative note from Ron Monzilla. Based on this I think we should do the following, for both jetty and tomcat:

1. Have a geronimo managed way of storing credentials in the session. A jaspic auth context can supply such credentials in the MessageInfo map using a geronimo specific key. Built-in auth methods can use the same technique.

2. The login method can use the PasswordValidationCallback for a jaspic auth context. We'll need some kind of configuration flag to determine if the result should be stored in the session as in (1).

3. The logout method will always remove the cached credentials from the session if present. For a jaspic context it will call cleanSubject (which is not currently called).

Jaspic auth module providers can use their own way of caching info independent of the HttpSession. Presumably they can use the cleanSubject method to remove this info.

> Support authenticate/login/logout methods in the HttpServletRequest interface
> -----------------------------------------------------------------------------
>                 Key: GERONIMO-5468
>                 URL:
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: Tomcat
>    Affects Versions: 3.0-M1, 3.0
>            Reporter: Ivan
>            Assignee: Han Hong Fang
>             Fix For: 3.0
>         Attachments: GERONIMO-5468-geronimo-2.diff, GERONIMO-5468-tomcat-fork.diff, GERONIMO-5468-tomcat-original.diff,
> In Servlet 3.0, authenticate/login/logout methods are added in the HttpServletRequest
> interface, we need to support them in Geronimo's way.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.
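
The three points of the comment above, as an added example that is not Geronimo code and not part of the original message. The class name `SessionAuthHelper`, both key strings and the constructor wiring are assumptions; it compiles against the Servlet 3.0 and JSR 196 (JASPIC) API jars.

```java
import java.io.IOException;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.callback.PasswordValidationCallback;
import javax.security.auth.message.config.ServerAuthContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
/** Hypothetical helper (not Geronimo code) modelling points 1-3 of the comment. */
public final class SessionAuthHelper {
    // Assumed names: the comment only says "a geronimo specific key".
    static final String MESSAGE_INFO_KEY = "example.geronimo.credentials";
    static final String SESSION_ATTR = "example.geronimo.cachedCredentials";
    private final CallbackHandler handler;        // validates passwords for the container
    private final ServerAuthContext authContext;  // JASPIC context of the web app
    private final boolean cacheInSession;         // the configuration flag from point 2
    public SessionAuthHelper(CallbackHandler h, ServerAuthContext c, boolean cache) {
        handler = h; authContext = c; cacheInSession = cache;
    }
    /** Point 1: credentials supplied by an auth context in the MessageInfo map. */
    public void cacheFromMessageInfo(HttpServletRequest request, MessageInfo info) {
        Object creds = info.getMap().get(MESSAGE_INFO_KEY);
        if (creds != null) request.getSession(true).setAttribute(SESSION_ATTR, creds);
    }
    /** Point 2: login() validates through PasswordValidationCallback. */
    public Subject login(HttpServletRequest request, String user, char[] password) throws ServletException {
        Subject subject = new Subject();
        PasswordValidationCallback cb = new PasswordValidationCallback(subject, user, password);
        try {
            handler.handle(new Callback[] {cb});
        } catch (IOException | UnsupportedCallbackException e) {
            throw new ServletException("password validation could not run", e);
        } finally {
            cb.clearPassword();  // do not leave the password in the callback
        }
        if (!cb.getResult()) throw new ServletException("login failed");
        if (cacheInSession) request.getSession(true).setAttribute(SESSION_ATTR, subject);
        return subject;
    }
    /** Point 3: always drop the cached credentials first, then let the context clean up. */
    public void logout(HttpServletRequest request, MessageInfo info, Subject subject) throws ServletException {
        HttpSession session = request.getSession(false);  // never create a session on logout
        if (session != null) session.removeAttribute(SESSION_ATTR);
        try { authContext.cleanSubject(info, subject); }
        catch (AuthException e) { throw new ServletException("cleanSubject failed", e); }
    }
}
```

Removing the session attribute before calling `cleanSubject` means the cached credentials are gone even when the auth context throws.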