incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [CONF] Apache Sling Website > Authentication - Tasks
Date Mon, 01 Feb 2010 11:27:00 GMT
    <base href="">
            <link rel="stylesheet" href="/confluence/s/1519/1/1/_/styles/combined.css?spaceKey=SLINGxSITE&amp;forWysiwyg=true"
<body style="background-color: white" bgcolor="white">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="">Authentication
- Tasks</a></h2>
    <h4>Page  <b>added</b> by             <a href="">Felix
    <div class="notificationGreySide">
         <h1><a name="Authentication-Tasks-Tasks"></a>Tasks</h1>

<p>Authentication of HTTP Requests is generally a two-step process: First the credentials
must be extracted from the request and second the credentials must be validated. In the case
of Sling this means acquiring a JCR Session.</p>

<h2><a name="Authentication-Tasks-ExtractCredentialsfromtheRequest"></a>Extract
Credentials from the Request</h2>

	<li>Implemented and controlled by the Sling Commons Auth bundle</li>
	<li>Takes <tt>HttpServletRequest</tt></li>
	<li>Provides credentials for futher processing (basically JCR <tt>Credentials</tt>
and Workspace name)</li>
	<li>Extensible with the help of <tt>AuthenticationHandler</tt> services</li>

<h2><a name="Authentication-Tasks-LogintotheJCRRepository"></a>Login to
the JCR Repository</h2>

	<li>Implemented and controlled by the JCR Repository</li>
	<li>Takes JCR <tt>Credentials</tt> and Workspace name</li>
	<li>Provides a JCR <tt>Session</tt></li>
	<li>Implementation dependent process. Jackrabbit provides extensibility based on <tt>LoginModules</tt>;
Sling's Embedded Jackrabbit Repository bundle provides extensibility with <tt>LoginModulePlugin</tt>

<p>Currently the credentials are always verified by trying to login to the JCR repository.
Once an <a href=""
rel="nofollow">ResourceResolverFactory</a> API has been added, the process of validating
the credentials and logging in is actualy replaced by a process of requesting a <tt>ResourceResolver</tt>
from the <tt>ResourceResolverFactory</tt>. Of course, the JCR Repository will
still be the main underlying repository and as such be used to validate the credentials and
get a JCR Session.</p>
    <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;">
            <a href=""
class="grey">Change Notification Preferences</a>
       <a href="">View
       <a href=";showCommentArea=true#addcomment">Add

View raw message