Return-Path: Delivered-To: apmail-jakarta-httpclient-dev-archive@www.apache.org Received: (qmail 94271 invoked from network); 6 Feb 2005 19:26:29 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 6 Feb 2005 19:26:29 -0000 Received: (qmail 51480 invoked by uid 500); 6 Feb 2005 19:26:28 -0000 Delivered-To: apmail-jakarta-httpclient-dev-archive@jakarta.apache.org Received: (qmail 51223 invoked by uid 500); 6 Feb 2005 19:26:27 -0000 Mailing-List: contact httpclient-dev-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "HttpClient Project" Reply-To: "HttpClient Project" Delivered-To: mailing list httpclient-dev@jakarta.apache.org Received: (qmail 51210 invoked by uid 99); 6 Feb 2005 19:26:27 -0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: local policy) Received: from mxout4.cac.washington.edu (HELO mxout4.cac.washington.edu) (140.142.33.19) by apache.org (qpsmtpd/0.28) with ESMTP; Sun, 06 Feb 2005 11:26:26 -0800 Received: from smtp.washington.edu (smtp.washington.edu [140.142.32.139]) by mxout4.cac.washington.edu (8.13.1+UW04.08/8.13.3+UW05.01) with ESMTP id j16JQLUN013692 for ; Sun, 6 Feb 2005 11:26:21 -0800 Received: from [10.0.1.2] (pool-70-19-147-168.bos.east.verizon.net [70.19.147.168]) (authenticated bits=0) by smtp.washington.edu (8.13.1+UW04.08/8.13.3+UW05.01) with ESMTP id j16JQJbD001489 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Sun, 6 Feb 2005 11:26:21 -0800 Mime-Version: 1.0 (Apple Message framework v619.2) In-Reply-To: References: Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <3cc86e2429168ae88884f3f1aa2c1ef5@u.washington.edu> Content-Transfer-Encoding: 7bit From: Michael Becke Subject: Re: HLCA: generating followup requests Date: Sun, 6 Feb 2005 14:26:15 -0500 To: "HttpClient Project" X-Mailer: Apple Mail (2.619.2) X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N The request context is a good idea. In combination with the filters I think this would be enough to handle authentication. As Roland mentioned a filter should only need the current state and request URI to determine what to do. We would just need a way to signal that request should be retried. Would there be other uses for context other than authentication? In regard to redirects I'm not sure there is a way to handle this entirely with filters. The big problem here would be handling redirects in response to a POST, not only would we need to rewrite the request URI, but we need a new method type. Mike On Feb 6, 2005, at 8:01 AM, Roland Weber wrote: > Hi Oleg, > >> We may think of an additional >> abstraction layer in a form of HttpContext, which would enable the >> redirect handler to reset the authentication process without being >> directly coupled with any of the authentication classes. > > I like the idea of a context. I assume we will have an HttpAuthFilter > responsible for inserting Authorization and Proxy-Authorization headers > into requests, and an AuthenticationChallengeHandler in whatever form, > which provides the authentication data for the filter. A context would > be a good way for these two associated objects to share data. It is > also a good way to share data across requests, like authentication > challenges. > To avoid bringing actual authentication dependencies into http-common, > an approach similar to {s|g}etAttribute in the Servlet API could be > taken. The context information from the original request can be made > available in the associated responses and followup requests. This > would make the context useful for applications as well. > > I still think that an authentication handler should itself detect > state changes due to changing URLs, rather than rely on an explicit > reset by a redirect handler. Like in a browser, the authentication > state should keep track of the current authentication realms from > which challenges have already been received, and the URL domains to > which these realms extend. > > cheers, > Roland --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org