incubator-chemistry-dev mailing list archives

From Florent Guillaume ...@nuxeo.com>
Subject Re: More flexibility in authentication?
Date Wed, 10 Feb 2010 13:48:11 GMT
Hi Craig,

Sorry for the late response.
Yes, beefing up the authentication APIs would be a worthwhile task. I'd
welcome a JIRA issue and a patch if you can work on one!

Regards,
Florent


2010/1/28 Craig McClanahan <craigmcc@apache.org>:
> The ContentManager interface sports a login() method that takes a
> username and password.  This will fit in well with repositories that
> use HTTP Basic authentication, but won't be quite as useful for HTTP
> Digest, or any sort of single sign on environment (OpenID, OAuth,
> etc.) where the client application that uses Chemistry might not
> actually have a plaintext password for the calling user.
>
> In previous $JOB lives, when designing an API like this, I've
> sometimes created another interface called Authenticator (with an
> implementation HttpBasicAuthenticator, plus perhaps some others).
> Then:
>
> * I would add a login(Authenticator authenticator) method to the
>  ContentManager interface (I'd be fine with keeping the existing login()
>  method as well because HTTP Basic will likely be a common use case,
>  but it would not be strictly necessary).
>
> * The Authenticator instance would get a chance, just before the outbound
>  HTTP request is sent, to add whatever HTTP headers it needed for
>  the authentication mechanism it implements.
>
> * For completeness, Authenticator should also be able to receive some sort
>  of callback if a 401 is received (perhaps similar to the way Acegi Security
>  does this kind of thing).
>
> Would something like this be of interest to the Chemistry developers?
> If so, I can add a JIRA issue and take a crack at a patch to add this
> feature.
>
> Craig McClanahan
>
> PS:  In my current role, I'm evaluating how to integrate our company's
> application (Jive SBS) more closely with various CMS environments, and
> CMIS (and therefore Chemistry) looks like it might be a good long term
> strategy.
>



-- 
Florent Guillaume, Director of R&D, Nuxeo
Open Source, Java EE based, Enterprise Content Management (ECM)
http://www.nuxeo.com   http://www.nuxeo.org   +33 1 40 33 79 87
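
The Authenticator design proposed in the quoted message, sketched as an added example (not code from Chemistry or from either poster). The method names `addHeaders` and `onUnauthorized`, the `BearerTokenAuthenticator` class and the demo transport are hypothetical; the server, challenge header and tokens are constructed sample values.

```java
import java.nio.charset.StandardCharsets;
import java.util.*;
import java.util.function.Supplier;

public class AuthenticatorDemo {
    interface Authenticator { // hypothetical shape of the proposal; method names are assumptions
        void addHeaders(Map<String, String> headers);    // just before the request is sent
        boolean onUnauthorized(String wwwAuthenticate);  // on a 401; true means "retry"
    }
    static final class HttpBasicAuthenticator implements Authenticator {
        private final String user, password;
        HttpBasicAuthenticator(String user, String password) { this.user = user; this.password = password; }
        public void addHeaders(Map<String, String> headers) {
            byte[] pair = (user + ":" + password).getBytes(StandardCharsets.UTF_8);
            headers.put("Authorization", "Basic " + Base64.getEncoder().encodeToString(pair));
        }
        public boolean onUnauthorized(String wwwAuthenticate) { return false; } // same password would fail again
    }
    // SSO-style case: the client holds a short-lived token, never the user's password.
    static final class BearerTokenAuthenticator implements Authenticator {
        private final Supplier<String> tokenSource; // assumed hook, e.g. a call to the identity provider
        private String token;
        BearerTokenAuthenticator(Supplier<String> tokenSource) { this.tokenSource = tokenSource; }
        public void addHeaders(Map<String, String> headers) {
            if (token == null) token = tokenSource.get();
            headers.put("Authorization", "Bearer " + token);
        }
        public boolean onUnauthorized(String wwwAuthenticate) {
            token = null; // drop the rejected token so the next addHeaders() fetches a fresh one
            return wwwAuthenticate != null && wwwAuthenticate.startsWith("Bearer");
        }
    }
    static final String CHALLENGE = "Bearer error=\"invalid_token\""; // constructed sample header value
    // Constructed stand-in for the repository: it accepts only the token "t2".
    static int fakeServer(Map<String, String> h) { return "Bearer t2".equals(h.get("Authorization")) ? 200 : 401; }
    // Stand-in for the transport behind login(Authenticator): allows a single retry.
    static int send(Authenticator auth) {
        for (int attempt = 0; ; attempt++) {
            Map<String, String> headers = new HashMap<>();
            auth.addHeaders(headers);
            int status = fakeServer(headers);
            if (status != 401 || !auth.onUnauthorized(CHALLENGE) || attempt > 0) return status;
        }
    }
    public static void main(String[] args) {
        Iterator<String> tokens = List.of("t1", "t2").iterator(); // constructed sample tokens
        System.out.println(send(new BearerTokenAuthenticator(tokens::next)));
        System.out.println(send(new HttpBasicAuthenticator("alice", "secret")));
    }
}
```

Capping the transport at one retry keeps a misbehaving authenticator from looping on repeated 401 responses, and plain classes are used instead of records so the password never appears in a generated `toString()`.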
