Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Right now authentication handlers are only ordered by their registration path. If multiple authentication handlers are registered for the same path, the order at which they are asked is basically undefined.
It would be useful to be able to control this order using the regular service.ranking service registration property.
One use of such ordering would be to be able to better control which authentication handler should be in charge of requesting credentials. For example, a high priority "pseudo authentication handler" could be provided, which just renders login forms. Such a provider could provide forms for both form based authentication and OpenID authentication and support the client in selecting which form of authentication she/he selects.
Such an authentication handler should of course have precedence in terms of requesting credentials over the other authentication handlers. Adding support for service.ranking would solve this problem.
Attachments
Issue Links
- is depended upon by
-
SLING-1370 Provide Pseudo Authentication Handler to support both Form Based Login and OpenID Login
-
- Closed
-