incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Angela Schreiber (Confluence)" <>
Subject [CONF] Apache Sling > Solving the Authentication Handler Credential Validation Problem
Date Fri, 27 Sep 2013 12:26:00 GMT
    <base href="">
            <link rel="stylesheet" href="/confluence/s/en/2176/1/1/_/styles/combined.css?spaceKey=SLING&amp;forWysiwyg=true"
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="">Solving
the Authentication Handler Credential Validation Problem</a></h2>
    <h4>Comment edited by             <a href="">Angela
                        <h4>Changes (2)</h4>
<div id="page-diffs">
                    <table class="diff" cellpadding="0" cellspacing="0">
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >than the GuestCredentials. in particular
the anonymous user should not have a password: <br> <br></td></tr>
            <tr><td class="diff-changed-lines" ><span class="diff-changed-words">get<span
class="diff-added-chars"style="background-color: #dfd;">Repository().login(get</span>AnonCredentials(this.anonUser)<span
class="diff-added-chars"style="background-color: #dfd;">)</span></span> <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">
<br>instead i would write this as <br> <br>getRepository().login(new GuestCredentials())
    </div>                            <h4>Full Content</h4>
                          <div class="notificationGreySide">
            <p>sounds very promising. this would allow us finally make full usage of
the pre-auth setup in jackrabbit across the whole stack.</p>

<p>one one thing that is not correct IMO: the specification defines that an anonymous
session should be obtained by using<br/>
the "GuestCredentials" that have been introduced by JSR 283.</p>

<p>the following code therefore seems wrong to me and i don't think that the anonymous
user should have other credentials<br/>
than the GuestCredentials. in particular the anonymous user should not have a password:</p>


<p>instead i would write this as</p>

<p>getRepository().login(new GuestCredentials())</p>
    <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;" class="grey">
                        <a href="">Stop
watching space</a>
            <span style="padding: 0px 5px;">|</span>
                <a href="">Change
email notification preferences</a>
       <a href="">View
       <a id="reply-34025086" href="">Reply
To This</a>


View raw message