On Tue, Jun 4, 2013 at 2:34 PM, Kris Borchers <kris@redhat.com> wrote:
This is why I have written the JS stuff with the idea of "adapters". That way, any authentication type/system can be used. The APIs can be totally different because there are no auth methods implemented in the base Authentication plugin. I only share very generic utility methods across adapters. Doing it this way allows me to be able to have login/logout/enroll in the rest adapter and something completely different in the Basic/Digest adapters.btw. can you share a bit of the code? (e.g. how it is used, and how the Basic/Digest adapters look)IMO it would be nice if that "API" would be somewhat unified, so that iOS/Android can follow (or discuss) the concept/idea behind the route you have chosen.
_______________________________________________-MatthiasOn Jun 4, 2013, at 3:18 AM, Corinne Krych <corinnekrych@gmail.com> wrote:HiIndeed the login/logout not doing a actual login/logout feel weird.Even worse on enroll which Basic/Digest implementation is throwing a exception. Options could be:- narrow common API - no enroll - rename more generic login/logout- dont share a common APICorinne_______________________________________________On 4 June 2013 09:48, Matthias Wessendorf <matzew@apache.org> wrote:Hi,perhaps this is more "AeroGear-Security VS HTTP Basic/Digest", but first some background informations:our different "AuthenticationModule" implementations, for Android, iOS and JavaScript, were created for the AeroGear-Security REST-APIs, which are described here:Here are the three different client platform implementations:
* Android:* iOS:* JavaScript:So, basically the interface(or the different implementations) covers the following functionality, described in the above spec:* enroll* login* logoutSo far so good.However, looking at the recent work for BASIC/DIGEST (e.g. http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-iOS-Basic-Digest-Thoughts-td2847.html), I think it might be confusing that there is no real login call against the server, like in the above codee, for AG-SecurityInstead, the "login", is _only_ applying the credentials to that subsequent requests can read (a) protected URL(s). Similar to "logout": Only a _reset_ of the credentials is happening. No server endpoint is invoked.Similar to the "enroll"; The iOS proposal throws an exception, similar to the Android version:To me, looks like none of the methods of the "AuthenticationModule interface" are properly used, or am I wrong?I think my question is: Does it really make sense to kinda try to add the BASIC/DIGEST support into the "AuthenticationModule interface"?? or, could there be something else ?Not sure, I guess since I am not sure, I am asking here :)Any feedback is appreciated!Thanks!Matthias--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev