incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1478959 - /sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
Date Fri, 03 May 2013 20:29:54 GMT
Author: dklco
Date: Fri May  3 20:29:53 2013
New Revision: 1478959

URL: http://svn.apache.org/r1478959
Log:
Fixing some formatting issues with the authentication framwork page

Modified:
    sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext

Modified: sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
URL: http://svn.apache.org/viewvc/sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext?rev=1478959&r1=1478958&r2=1478959&view=diff
==============================================================================
--- sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
(original)
+++ sling/site/trunk/content/documentation/the-sling-engine/authentication/authentication-framework.mdtext
Fri May  3 20:29:53 2013
@@ -35,13 +35,14 @@ The implementation follows this algorith
 Extracting the credentials and trying to login to the repository may yield the following
results:
 
 | Credentials | Login | Consequence |
-| present | successfull | Continue with an authenticated request |
+|--|--|--|
+| present | successful | Continue with an authenticated request |
 | present | failed | Select `AuthenticationHandler` and call `requestCredentials` method
|
 | missing | anonymous allowed | Continue with a non authenticated request using anonymous
access to the repository |
 | missing | anonymous forbidden | Select `AuthenticationHandler` and call `requestCredentials`
method |
 
 <div class="note">
-Only one `AuthenticationHandler` is able to provide credentials for a given request. If the
credentials provided by the handler cannot be used to login to the repository, authentication
fails and no further `AuthenticationHandler` is consulted.
+    Only one <code>AuthenticationHandler</code> is able to provide credentials
for a given request. If the credentials provided by the handler cannot be used to login to
the repository, authentication fails and no further <code>AuthenticationHandler</code>
is consulted.
 </div>
 
 
@@ -57,7 +58,7 @@ The `handleSecurity` method gets credent
 | `javax.jcr.Session` | The JCR Session. This attribute is for backwards compatibility only.
*Its use is deprecated and the attribute will be removed in future versions*. |
 | `org.apache.sling.commons.auth.spi.AuthenticationInfo` | The `AuthenticationInfo` object
produced from the `AuthenticationHandler`. |
 
-*NOTE*: Do *NOT* use the `javax.jcr.Session` request attribute in your Sling applications.
This attribute must be considered implementation specific to convey the JCR Session to the
`SlingMainServlet`. In future versions of the Sling Commons Auth bundle, this request attribute
will not be present anymore. To get the JCR Session for the current request adapt the request's
resource resolver to a JCR Session:
+**NOTE**: Do *NOT* use the `javax.jcr.Session` request attribute in your Sling applications.
This attribute must be considered implementation specific to convey the JCR Session to the
`SlingMainServlet`. In future versions of the Sling Commons Auth bundle, this request attribute
will not be present anymore. To get the JCR Session for the current request adapt the request's
resource resolver to a JCR Session:
 
 
     Session session = request.getResourceResolver().adaptTo(Session.class);
@@ -75,7 +76,7 @@ The `SlingAuthenticator` provides high l
 The URLs set on the *Authentication Requirements* configuration property or the `sling.auth.requirements`
service registration property can be absolute paths or URLs like the `path` service registration
property of `AuthenticationHandler` services. This allows the limitation of this setup to
certain requests by scheme and/or virtual host address.
 
 
-*Examples*
+**Examples**
 
 * The `LoginServlet` contained in the Commons Auth bundle registers itself with the service
registration property `sling.auth.requirements = "-/system/sling/login"` to ensure the servlet
can be accessed without requiring authentication.
 
@@ -87,7 +88,7 @@ The URLs set on the *Authentication Requ
 
 The implementation of the `Authenticator` interface is similar for both methods:
 
-*`login`*
+**`login`**
 
 1. Select one or more `AuthenticationHandler` for the request according to the request URL's
scheme and authorization part.
 1. Call the `requestCredentials` method of each authentication handler, where the order of
handler call is defined by the length of the registered path: handlers registered with longer
paths are called before handlers with shorter paths. The goal is to call the handlers in order
from longest request path match to shortest match. Handlers not matching the request path
at all are not called.
@@ -102,7 +103,8 @@ The `login` method has three possible ex
 | `IllegalStateException` | The response has already been committed and the login request
cannot be processed. Normally to request login, the current response must be reset and a new
response has to be prepared. This is only possible if the request has not yet been committed.
|
 
 
-*`logout`*
+**`logout`**
+
 1. Select one or more `AuthenticationHandler` for the request according to the request URL's
scheme and authorization part.
 1. Call the `dropCredentials` method of each authentication handler, where the order of handler
call is defined by the length of the registered path: handlers registered with longer paths
are called before handlers with shorter paths. The goal is to call the handlers in order from
longest request path match to shortest match. Handlers not matching the request path at all
are not called.
 



Mime
View raw message