Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-938

Refine initiaition of the authentication process

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Engine 2.0.2
    • Fix Version/s: Engine 2.0.4
    • Component/s: Engine
    • Labels:
      None

      Description

      Currently the authentication process can only be initiated by explicitly calling a login page provided by some AuthenticationHandler implementation bundle. There is no way to initiate the authentication process from within a servlet or script (e.g. to have the user log in a 404/NOT FOUND error handler).

      To support this kind of functionality the existing SlingAuthenticator.requestAuthentcation method should be publicly accessible through Service interface. Servlets or scripts which want to request authentication from the client for the current request may then call this service method.

      This method applies the same authentication handler selection algorithm for the given HttpServletRequest object as it does for finding the authentication handler in the authenticate process. This ensures, that for a given request, the appropriate authentication handler is called which is then able to initiate authentication appropriately, for example by drawing a form.

      For full details refer to http://cwiki.apache.org/SLING/authentication-initiation.html

        Attachments

          Activity

            People

            • Assignee:
              fmeschbe Felix Meschberger
              Reporter:
              fmeschbe Felix Meschberger
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: