[Yanel-dev] Flow/Sequence of Access Control within YanelServlet refactored

Michael Wechner michael.wechner at wyona.com
Sun Jan 13 23:20:25 CET 2008


Hi

I have refactored the flow/sequence of the access control within the 
YanelServlet, which should have the following advantages:

- doAuthenticate is only called when authorization is denied (instead 
with every request as it was)
- the code should be now much easier to read now (whereas it still needs 
more refactoring)

I have tested the following usecases:

- standard form based login
- HTTP BASIC login (where the response might need some more work if bad 
credentials were provided)
- Custom form based login
- Custom Single-Sign-On login
- OpenID login (whereas OpenID itself is not supported yet)
- Neutron based login

All usecases seem still to work, but maybe I have forgotten something.

Also I have tested yet behind a proxy.

So please let me know if you find any issues.

Thanks

Michi

-- 
Michael Wechner
Wyona      -   Open Source Content Management - Yanel, Yulup
http://www.wyona.com
michael.wechner at wyona.com, michi at apache.org
+41 44 272 91 61



More information about the Yanel-development mailing list