<html><head><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><br><div><div>On Jun 7, 2013, at 2:09 AM, Matthias Wessendorf &lt;<a href="mailto:matzew@apache.org">matzew@apache.org</a>&gt; wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Jun 4, 2013 at 2:34 PM, Kris Borchers <span dir="ltr">&lt;<a href="mailto:kris@redhat.com" target="_blank">kris@redhat.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">This is why I have written the JS stuff with the idea of "adapters". That way, any authentication type/system can be used. The APIs can be totally different because there are no auth methods implemented in the base Authentication plugin. I only share very generic utility methods across adapters. Doing it this way allows me to be able to have login/logout/enroll in the rest adapter and something completely different in the Basic/Digest adapters.</div>
</blockquote><div><br></div><div style="">btw. can you share a bit of the code? (e.g. how it is used, and how the Basic/Digest adapters look)</div><div style="">IMO it would be nice if that "API" would be somewhat unified, so that iOS/Android can follow (or discuss) the concept/idea behind the route you have chosen.</div></div></div></div></blockquote><div><br></div>I will gladly share when it is tested but not sure when that will happen as I am blocked by PL. I don't want to throw code out there and say, "This is my method" when I have no idea if it even works yet. ;)<br><blockquote type="cite"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">
<div style=""><br></div><div style="">-Matthias</div><div><br></div><div><br></div><div>&nbsp;</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">
<div><div class="h5"><br><div><div>On Jun 4, 2013, at 3:18 AM, Corinne Krych &lt;<a href="mailto:corinnekrych@gmail.com" target="_blank">corinnekrych@gmail.com</a>&gt; wrote:</div><br><blockquote type="cite"><div dir="ltr">
<div>Hi</div><div><br></div>Indeed the login/logout not doing a actual login/logout feel&nbsp;weird.<div>Even worse on enroll which Basic/Digest implementation is throwing a exception. Options could be:</div>
<div>- narrow common API - no enroll - rename more generic login/logout<br></div><div>- dont share a common API</div><div><br></div><div>Corinne</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">
On 4 June 2013 09:48, Matthias Wessendorf <span dir="ltr">&lt;<a href="mailto:matzew@apache.org" target="_blank">matzew@apache.org</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

<div dir="ltr"><div>Hi,<br></div><div><br></div><div>perhaps this is more "AeroGear-Security VS HTTP Basic/Digest", but first some background informations:</div><div><br></div><div>our different "AuthenticationModule" implementations, for Android, iOS and JavaScript, were created for the AeroGear-Security REST-APIs, which are described here:</div>



<div><a href="http://aerogear.org/docs/specs/aerogear-rest-api/" target="_blank">http://aerogear.org/docs/specs/aerogear-rest-api/</a>&nbsp;</div><div><br></div><div>Here are the three different client platform implementations:</div>


<div><br>
</div><div>* Android:</div><div><a href="https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/aerogear/android/authentication/AuthenticationModule.java#L50-L74" target="_blank">https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/aerogear/android/authentication/AuthenticationModule.java#L50-L74</a></div>



<div><br></div><div>* iOS:</div><div><a href="https://github.com/aerogear/aerogear-ios/blob/master/AeroGear-iOS/AeroGear-iOS/security/AGAuthenticationModule.h#L143-L179" target="_blank">https://github.com/aerogear/aerogear-ios/blob/master/AeroGear-iOS/AeroGear-iOS/security/AGAuthenticationModule.h#L143-L179</a></div>



<div><br></div><div>* JavaScript:</div><div><a href="https://github.com/aerogear/aerogear-js/blob/master/src/authentication/adapters/rest.js#L224-L436" target="_blank">https://github.com/aerogear/aerogear-js/blob/master/src/authentication/adapters/rest.js#L224-L436</a></div>



<div><br></div><div>So, basically the interface(or the different implementations) covers the following functionality, described in the above spec:</div><div>* enroll&nbsp;</div><div>* login</div><div>* logout</div><div><br></div>



<div>So far so good.</div><div><br></div><div><br></div><div>However, looking at the recent work for BASIC/DIGEST (e.g. <a href="http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-iOS-Basic-Digest-Thoughts-td2847.html" target="_blank">http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-iOS-Basic-Digest-Thoughts-td2847.html</a>), I think it might be confusing that there is no real login call against the server, like in the above codee, for AG-Security</div>



<div><br></div><div>Instead, the "login", is _only_ applying the credentials to that subsequent requests can read (a) protected URL(s). Similar to "logout": Only a _reset_ of the credentials is happening. No server endpoint is invoked.</div>



<div>See also <a href="http://lists.jboss.org/pipermail/aerogear-dev/2013-May/002810.html" target="_blank">http://lists.jboss.org/pipermail/aerogear-dev/2013-May/002810.html</a></div><div><br></div><div><br></div><div>Similar to the "enroll"; The iOS proposal throws an exception, similar to the Android version:</div>



<div><br></div><div><a href="https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/aerogear/android/authentication/impl/HttpBasicAuthenticationModule.java#L164" target="_blank">https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/aerogear/android/authentication/impl/HttpBasicAuthenticationModule.java#L164</a></div>



<div><br></div><div><a href="https://github.com/cvasilak/aerogear-ios/blob/basic.digest.auth/AeroGear-iOS/AeroGear-iOS/security/AGHttpBasicDigestAuthentication.m#L93-L95" target="_blank">https://github.com/cvasilak/aerogear-ios/blob/basic.digest.auth/AeroGear-iOS/AeroGear-iOS/security/AGHttpBasicDigestAuthentication.m#L93-L95</a></div>



<div><br></div><div>To me, looks like none of the methods of the "AuthenticationModule interface" are properly used, or am I wrong?&nbsp;</div><div><br></div><div><br></div><div>I think my question is: Does it really make sense to kinda try to add the BASIC/DIGEST support into the "AuthenticationModule interface"?? or, could there be something else ?&nbsp;</div>


<div><br></div><div>Not sure, I guess since I am not sure, I am asking here :)</div><div><br></div><div>Any feedback is appreciated!</div><div><br></div><div>Thanks!</div><span><font color="#888888"><div>Matthias</div>

<div><br></div>-- <br>Matthias Wessendorf <br><br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</font></span></div>
<br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br></div>
_______________________________________________<br>aerogear-dev mailing list<br><a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a><br><a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></blockquote>
</div><br></div></div></div><br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br>
<br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>
_______________________________________________<br>aerogear-dev mailing list<br><a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>https://lists.jboss.org/mailman/listinfo/aerogear-dev</blockquote></div><br></body></html>