jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jukka Zitting (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (JCR-3634) New method: JackrabbitRepository.login(Credentials, Map<String, Object>)
Date Tue, 30 Jul 2013 10:27:48 GMT

    [ https://issues.apache.org/jira/browse/JCR-3634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13723679#comment-13723679
] 

Jukka Zitting commented on JCR-3634:
------------------------------------

> Which attribute would take precedence in your case when there is a conflict between the
ones one the Credential instance and the explicitly passed ones?

Good point. We can make that explicit with something like: "Attributes included in or implied
by the credentials instance override those in the attributes map." Such precedence is not
ideal (I'd prefer it to be the other way around), but probably necessary for backwards compatibility
with the mentioned naive default implementation and avoids confusion with cases like token
authentication where credential attributes are included in the authentication process.

> For the next version of the standard, maybe we should consider adding this method?

Yes. Defining and using it first in JackrabbitRepository makes a strong rationale for including
it in the JCR spec.
                
> New method: JackrabbitRepository.login(Credentials, Map<String, Object>)
> ------------------------------------------------------------------------
>
>                 Key: JCR-3634
>                 URL: https://issues.apache.org/jira/browse/JCR-3634
>             Project: Jackrabbit Content Repository
>          Issue Type: New Feature
>          Components: jackrabbit-api
>    Affects Versions: 2.7.1
>            Reporter: Michael Dürig
>
> As discussed [1] we need a way for passing session attributes on login without having
to fall back to credentials. The latter might not support credentials or not be present at
all when authentication is handled externally.
> I suggest to add the following method to JackrabbitRepository:
> /**
>  * Equivalent to <code>login(credentials, workspace)</code> where
>  * <ul>
>  *     <li><code>workspace = attributes.get(ATT_WORKSPACE_NAME)</code>,</li>
>  *     <li><code>credentials</code> carry all and only the attributes
passed
>  *     through the <code>attributes</code> map.</li>
>  * </ul>
>  *
>  * @param credentials  the credentials of the user
>  * @param attributes   the attributes to put into the session
>  * @return a valid session for the user to access the repository.
>  * @throws javax.jcr.LoginException  if authentication or authorization for the
>  *     specified workspace fails.
>  * @throws javax.jcr.NoSuchWorkspaceException  if the specified workspace is not recognized.
>  * @throws javax.jcr.RepositoryException  if another error occurs.
>  */
> Session login(Credentials credentials, Map<String, Object> attributes);
> See also OAK-803 for some more background.
> [1] http://markmail.org/message/lwhpglehee3jgpip

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message