Versions Compared

Old Version 3

changes.mady.by.user Felix Meschberger

Saved on

compared with

New Version 4

changes.mady.by.user Felix Meschberger

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Excerpt
hiddentrue

Separating authentication from ResourceResolver access (ammending Add ResourceResolverFactory Service Interface) (DRAFT)

Status: DRAFT NOT IMPLEMENTED
Created: 14. March 2010
Author: fmeschbe
JIRA: –
References: Merging Sling API and Commons Auth API
Update: fmeschbe/27. September 2013

Table of Contents
minLevel2

Update

This concept is not being implemented because in the meantime ResourceProviderFactory services have been introduced which can be flagged as being mandatory and thus validate credentials from authentication handlers. One such implementation is the JCR Resource Provider which does exactly that and internally validates the credentials by create a JCR Session.

Introduction

With the recent introduction of the Commons Auth Bundle and the current approach to break apart the dependency on JCR API from the Commons Auth Bundle we are faced with an issue of how to authenticate an HTTP request user while at the same time not binding the authentication mechanism to any data repository.

...