[undertow-dev] cached authenticated sessions
Bill Burke
bburke at redhat.com
Wed Nov 6 21:36:52 EST 2013
class CachedAuthenticatedSessionHandler {
private boolean isCacheable(final SecurityNotification notification) {
return notification.isProgramatic() ||
"FORM".equals(notification.getMechanism());
}
Any new AuthenticationMechanism that wants session cached auth is forced
to specify "FORM" for its mechanism when calling
authenticationComplete(). Is this a bad thing?
Should "cacheable" be a part of the authenticationComplete() callback
instead?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the undertow-dev
mailing list