jackrabbit-dev mailing list archives

From Felix Meschberger <fmesc...@gmail.com>
Subject Re: Enhancement to the TokenBasedAuthentication
Date Tue, 22 Feb 2011 12:18:53 GMT
Hi,

Thanks a lot. One other use case just occurred to me today:

It would be nice if it would be possible to update the optional
properties by supplying new/changed ones in subsequent logins using
TokenCredentials.

For example:

   TokenCredentials t = new TokenCredentials(token);
   t.setAttribute(attr2, attr2Value);
   Session s = repository.login(t);
   assert(attr2Value.equals(s.getAttribute(attr2)));
   s.logout();

   TokenCredentials t2 = new TokenCredentials(token);
   Session s2 = repository.login(t2);
   assert(attr2Value.equals(s2.getAttribute(attr2)));
   s2.logout();


Regards
Felix

On Tuesday, 22.02.2011, at 10:51 +0100, Angela Schreiber wrote:
> hi felix
> 
> > On creation of the token all SimpleCredentials attributes are copied to
> > the token node. These attributes must be matched on subsequent requests
> > with attributes from the TokenCredentials object supplied.
> 
> not quite... all attributes are stored in the node but only those
> marked as required attributes (having a leading '.token') will be
> used for validation upon a subsequent login.
> 
> >    * Attributes are either optional or mandatory. Optional attributes
> >      present in the SimpleCredentials object are just stored in the
> >      token node but are not matched on subsequent requests. Mandatory
> >      attributes must be existing as secondary validation mechanisms
> >      in subsequent requests.
> 
> see above
> 
> >    * When creating the Session from the SimpleCredentials (on first
> >      access creating the token) only the optional attributes (plus the
> >      token value of course) are copied to the Session attributes. The
> >      mandatory attributes are not copied.
> 
> makes sense... i will add that.
> 
> >    * When creating the Session from the TokenCredentials (on subsequent
> >      access validating the supplied token and mandatory attributes) the
> >      optional attributes stored in the token node are copied to the
> >      Session attributes while (again) the mandatory attributes are not
> >      copied.
> 
> same here.
> 
> > This allows for preventing mandatory attributes from leaking into the
> > Session but also allows for using the token node as a temporary store
> > for informational attributes.
> 
> thanks for the review!
> angela
> 
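
The attribute handling discussed in this thread, as an added example that is not part of the original messages and is not Jackrabbit's code. The class name, the in-memory map standing in for the token node, and the attribute names and values are assumptions; persisting optional attributes on a later login is the behaviour proposed in the message above, not something the thread confirms as implemented.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.*;

// Hypothetical in-memory model of the token node; not Jackrabbit's implementation.
public class TokenAttributeModel {
    static final String MANDATORY_PREFIX = ".token"; // marker named in the thread
    private final Map<String, Map<String, String>> tokenNodes = new HashMap<>();
    private final SecureRandom random = new SecureRandom();

    static boolean isMandatory(String name) { return name.startsWith(MANDATORY_PREFIX); }

    // First login: every credential attribute is stored on the token node.
    String createToken(Map<String, String> credentialAttributes) {
        byte[] raw = new byte[16];
        random.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        tokenNodes.put(token, new HashMap<>(credentialAttributes));
        return token;
    }

    // Subsequent login: returns the Session attributes, or null if validation fails.
    Map<String, String> login(String token, Map<String, String> supplied) {
        Map<String, String> node = tokenNodes.get(token);
        if (node == null) return null;
        for (Map.Entry<String, String> e : node.entrySet()) {
            if (!isMandatory(e.getKey())) continue;
            String got = supplied.get(e.getKey());
            // MessageDigest.isEqual avoids an early-exit comparison of secret values.
            if (got == null || !MessageDigest.isEqual(
                    got.getBytes(StandardCharsets.UTF_8),
                    e.getValue().getBytes(StandardCharsets.UTF_8))) return null;
        }
        // Proposed update: new or changed optional attributes are persisted.
        supplied.forEach((k, v) -> { if (!isMandatory(k)) node.put(k, v); });
        Map<String, String> session = new TreeMap<>();
        node.forEach((k, v) -> { if (!isMandatory(k)) session.put(k, v); });
        return session; // mandatory attributes never reach the Session
    }

    public static void main(String[] args) {
        TokenAttributeModel store = new TokenAttributeModel();
        // Constructed sample attributes: one mandatory, one optional.
        String token = store.createToken(Map.of(".token.ip", "192.0.2.10", "locale", "de"));
        System.out.println(store.login(token, Map.of(".token.ip", "192.0.2.10", "attr2", "v2")));
        System.out.println(store.login(token, Map.of(".token.ip", "192.0.2.10")));
        System.out.println(store.login(token, Map.of("attr2", "v3")));
    }
}
```

The third call omits the mandatory attribute, so it is rejected before its optional attribute is written to the token node.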


