[Yanel-dev] Flow/Sequence of Access Control within YanelServlet
refactored
Michael Wechner
michael.wechner at wyona.com
Sun Jan 13 23:20:25 CET 2008
Hi
I have refactored the flow/sequence of the access control within the
YanelServlet, which should have the following advantages:
- doAuthenticate is only called when authorization is denied (instead
with every request as it was)
- the code should be now much easier to read now (whereas it still needs
more refactoring)
I have tested the following usecases:
- standard form based login
- HTTP BASIC login (where the response might need some more work if bad
credentials were provided)
- Custom form based login
- Custom Single-Sign-On login
- OpenID login (whereas OpenID itself is not supported yet)
- Neutron based login
All usecases seem still to work, but maybe I have forgotten something.
Also I have tested yet behind a proxy.
So please let me know if you find any issues.
Thanks
Michi
--
Michael Wechner
Wyona - Open Source Content Management - Yanel, Yulup
http://www.wyona.com
michael.wechner at wyona.com, michi at apache.org
+41 44 272 91 61
More information about the Yanel-development
mailing list