Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
There might be situations (or AuthenticationHandlers, actually), desiring to get feedback on the outcome of authentication after providing authentication credentials. At the moment this "feedback" is limited to the case of failed login when the SlingAuthenticator calls back into the AuthenticationHandler to request credentials. But this is only indirect feedback in the failure case.
I propose to extend the feedback transfer as follows:
- Add AuthenticationFeedbackHandler interface with two methods:
// called if authentication failed, handler is not expected to send response
// since SlingAuthenticator will call requestCredentials
void authenticationFailed(HttpServletRequest, HttpServletResponse, AuthenticationInfo)
// called if authentication succeeded, handler may write into the response
// particularly setting a cookie or the like is possible here
void authenticationSucceeded(HttpServletRequest, HttpServletResponse, AuthenticationInfo)
- Add two methods to the AuthenticationInfo class to pass in a feedback handler:
// May be called by the AuthenticationHandler to request feedback on the authentication
void setAuthenticationFeedbackHandler(AuthenticationFeedbackHandler)
// forward to configured feedback handler, ignored if none
void authenticationFailed(HttpServletRequest, HttpServletResponse)
// forward to configured feedback handler or handle redirect request if none
void authenticationSucceeded(HttpServletRequest, HttpServletResponse)
- SlingAuthenticator calls the new AuthenticationInfo methods on success or failure after login
- The default behaviour of the AuthenticationInfo.authenticationSucceeded is to redirect to a desired target. This moves the SlingAuthenticator.handleRedirect method to a (probably) new static method, which is called by the AuthenticationInfo class and which may also be called by any implementation of the AuthenticationFeedbackHandler.