On Jun 7, 2013, at 2:09 AM, Matthias Wessendorf <matzew(a)apache.org> wrote:
On Tue, Jun 4, 2013 at 2:34 PM, Kris Borchers <kris(a)redhat.com> wrote:
This is why I have written the JS stuff with the idea of "adapters". That way,
any authentication type/system can be used. The APIs can be totally different because
there are no auth methods implemented in the base Authentication plugin. I only share very
generic utility methods across adapters. Doing it this way allows me to be able to have
login/logout/enroll in the rest adapter and something completely different in the
Basic/Digest adapters.
btw. can you share a bit of the code? (e.g. how it is used, and how the Basic/Digest
adapters look)
IMO it would be nice if that "API" would be somewhat unified, so that
iOS/Android can follow (or discuss) the concept/idea behind the route you have chosen.
I will gladly share when it is tested but not sure when that will happen as I am blocked
by PL. I don't want to throw code out there and say, "This is my method"
when I have no idea if it even works yet. ;)
-Matthias
On Jun 4, 2013, at 3:18 AM, Corinne Krych <corinnekrych(a)gmail.com> wrote:
> Hi
>
> Indeed the login/logout not doing a actual login/logout feel weird.
> Even worse on enroll which Basic/Digest implementation is throwing a exception.
Options could be:
> - narrow common API - no enroll - rename more generic login/logout
> - dont share a common API
>
> Corinne
>
>
> On 4 June 2013 09:48, Matthias Wessendorf <matzew(a)apache.org> wrote:
> Hi,
>
> perhaps this is more "AeroGear-Security VS HTTP Basic/Digest", but first
some background informations:
>
> our different "AuthenticationModule" implementations, for Android, iOS and
JavaScript, were created for the AeroGear-Security REST-APIs, which are described here:
>
http://aerogear.org/docs/specs/aerogear-rest-api/
>
> Here are the three different client platform implementations:
>
> * Android:
>
https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/ae...
>
> * iOS:
>
https://github.com/aerogear/aerogear-ios/blob/master/AeroGear-iOS/AeroGea...
>
> * JavaScript:
>
https://github.com/aerogear/aerogear-js/blob/master/src/authentication/ad...
>
> So, basically the interface(or the different implementations) covers the following
functionality, described in the above spec:
> * enroll
> * login
> * logout
>
> So far so good.
>
>
> However, looking at the recent work for BASIC/DIGEST (e.g.
http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-iOS-Basic-Digest-T...),
I think it might be confusing that there is no real login call against the server, like in
the above codee, for AG-Security
>
> Instead, the "login", is _only_ applying the credentials to that subsequent
requests can read (a) protected URL(s). Similar to "logout": Only a _reset_ of
the credentials is happening. No server endpoint is invoked.
> See also
http://lists.jboss.org/pipermail/aerogear-dev/2013-May/002810.html
>
>
> Similar to the "enroll"; The iOS proposal throws an exception, similar to
the Android version:
>
>
https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/ae...
>
>
https://github.com/cvasilak/aerogear-ios/blob/basic.digest.auth/AeroGear-...
>
> To me, looks like none of the methods of the "AuthenticationModule
interface" are properly used, or am I wrong?
>
>
> I think my question is: Does it really make sense to kinda try to add the
BASIC/DIGEST support into the "AuthenticationModule interface"?? or, could there
be something else ?
>
> Not sure, I guess since I am not sure, I am asking here :)
>
> Any feedback is appreciated!
>
> Thanks!
> Matthias
>
> --
> Matthias Wessendorf
>
> blog:
http://matthiaswessendorf.wordpress.com/
> sessions:
http://www.slideshare.net/mwessendorf
> twitter:
http://twitter.com/mwessendorf
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog:
http://matthiaswessendorf.wordpress.com/
sessions:
http://www.slideshare.net/mwessendorf
twitter:
http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev