incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Sling Website > Authentication - Tasks
Date Mon, 01 Feb 2010 11:27:00 GMT
<html>
<head>
    <base href="http://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/1519/1/1/_/styles/combined.css?spaceKey=SLINGxSITE&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background-color: white" bgcolor="white">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="http://cwiki.apache.org/confluence/display/SLINGxSITE/Authentication+-+Tasks">Authentication
- Tasks</a></h2>
    <h4>Page  <b>added</b> by             <a href="http://cwiki.apache.org/confluence/display/~fmeschbe">Felix
Meschberger</a>
    </h4>
         <br/>
    <div class="notificationGreySide">
         <h1><a name="Authentication-Tasks-Tasks"></a>Tasks</h1>

<p>Authentication of HTTP Requests is generally a two-step process: First the credentials
must be extracted from the request and second the credentials must be validated. In the case
of Sling this means acquiring a JCR Session.</p>

<h2><a name="Authentication-Tasks-ExtractCredentialsfromtheRequest"></a>Extract
Credentials from the Request</h2>

<ul>
	<li>Implemented and controlled by the Sling Commons Auth bundle</li>
	<li>Takes <tt>HttpServletRequest</tt></li>
	<li>Provides credentials for futher processing (basically JCR <tt>Credentials</tt>
and Workspace name)</li>
	<li>Extensible with the help of <tt>AuthenticationHandler</tt> services</li>
</ul>



<h2><a name="Authentication-Tasks-LogintotheJCRRepository"></a>Login to
the JCR Repository</h2>

<ul>
	<li>Implemented and controlled by the JCR Repository</li>
	<li>Takes JCR <tt>Credentials</tt> and Workspace name</li>
	<li>Provides a JCR <tt>Session</tt></li>
	<li>Implementation dependent process. Jackrabbit provides extensibility based on <tt>LoginModules</tt>;
Sling's Embedded Jackrabbit Repository bundle provides extensibility with <tt>LoginModulePlugin</tt>
services.</li>
</ul>


<p>Currently the credentials are always verified by trying to login to the JCR repository.
Once an <a href="http://cwiki.apache.org/SLING/add-resourceresolverfactory-service-interface.html"
rel="nofollow">ResourceResolverFactory</a> API has been added, the process of validating
the credentials and logging in is actualy replaced by a process of requesting a <tt>ResourceResolver</tt>
from the <tt>ResourceResolverFactory</tt>. Of course, the JCR Repository will
still be the main underlying repository and as such be used to validate the credentials and
get a JCR Session.</p>
    </div>
    <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;">
            <a href="http://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
       </div>
       <a href="http://cwiki.apache.org/confluence/display/SLINGxSITE/Authentication+-+Tasks">View
Online</a>
              |
       <a href="http://cwiki.apache.org/confluence/display/SLINGxSITE/Authentication+-+Tasks?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
           </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message