11:29 a.m.
Hi,
I noticed some interesting behavior with the 'isAuthenticated' function.
It returns TRUE even when the pipe is not authenticated, because a
wrong(or no) authenticator has been attached,
See:
https://gist.github.com/3812824
IMO it should return FALSE when no authenticator is attached. Even on
a 'pipe connection' where no auth is required, the
'isAuthenticated:false' would be still wrong, as the connection is not
authenticated - since not required...
Any thoughts ?
Of course, this brings up the question if there should be some
'callback' that is invoke when the 'pipe' receives a 401. To indicate
'wrong' (or no) auth provided.. ?!
-Matthias
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
11:47 a.m.
On Oct 1, 2012, at 11:29 AM, Matthias Wessendorf <matzew(a)apache.org> wrote:
Hi,
I noticed some interesting behavior with the 'isAuthenticated' function.
It returns TRUE even when the pipe is not authenticated, because a
wrong(or no) authenticator has been attached,
See:
https://gist.github.com/3812824
IMO it should return FALSE when no authenticator is attached. Even on
a 'pipe connection' where no auth is required, the
'isAuthenticated:false' would be still wrong, as the connection is not
authenticated - since not required...
Any thoughts ?
Yes, this is a good point. I think in the rush to get something working, i have combined
isAuthenticated with something like hasAuthenticator which is wrong. This is still being
worked out, along with "privatizing" methods and none of the docs have been
written yet so give me a little more time and this will be straightened out.
Of course, this brings up the question if there should be some
'callback' that is invoke when the 'pipe' receives a 401. To indicate
'wrong' (or no) auth provided.. ?!
That is what the statusCode options is for so that not only 401 but any specific status
code can be handled appropriately. Again, once the docs are done this should be clearer.
:)
-Matthias
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
11:53 a.m.
On Mon, Oct 1, 2012 at 6:47 PM, Kris Borchers <kris(a)redhat.com> wrote:
On Oct 1, 2012, at 11:29 AM, Matthias Wessendorf <matzew(a)apache.org> wrote:
> Hi,
>
> I noticed some interesting behavior with the 'isAuthenticated' function.
>
> It returns TRUE even when the pipe is not authenticated, because a
> wrong(or no) authenticator has been attached,
>
> See:
>
> https://gist.github.com/3812824
>
>
> IMO it should return FALSE when no authenticator is attached. Even on
> a 'pipe connection' where no auth is required, the
> 'isAuthenticated:false' would be still wrong, as the connection is not
> authenticated - since not required...
>
> Any thoughts ?
Yes, this is a good point. I think in the rush to get something working, i have combined
isAuthenticated with something like hasAuthenticator which is wrong. This is still being
worked out, along with "privatizing" methods and none of the docs have been
written yet so give me a little more time and this will be straightened out.
>
>
> Of course, this brings up the question if there should be some
> 'callback' that is invoke when the 'pipe' receives a 401. To
indicate
> 'wrong' (or no) auth provided.. ?!
That is what the statusCode options is for so that not only 401 but any specific status
code can be handled appropriately. Again,
once the docs are done this should be clearer. :)
ah, that is sweet :)
$.ajax({
statusCode: {
404: function() {
alert("page not found");
}
}
});
-M
>
> -Matthias
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
1:23 a.m.
Filed AEROGEAR-504
-M
On Mon, Oct 1, 2012 at 6:47 PM, Kris Borchers <kris(a)redhat.com> wrote:
On Oct 1, 2012, at 11:29 AM, Matthias Wessendorf <matzew(a)apache.org> wrote:
> Hi,
>
> I noticed some interesting behavior with the 'isAuthenticated' function.
>
> It returns TRUE even when the pipe is not authenticated, because a
> wrong(or no) authenticator has been attached,
>
> See:
>
> https://gist.github.com/3812824
>
>
> IMO it should return FALSE when no authenticator is attached. Even on
> a 'pipe connection' where no auth is required, the
> 'isAuthenticated:false' would be still wrong, as the connection is not
> authenticated - since not required...
>
> Any thoughts ?
Yes, this is a good point. I think in the rush to get something working, i have combined
isAuthenticated with something like hasAuthenticator which is wrong. This is still being
worked out, along with "privatizing" methods and none of the docs have been
written yet so give me a little more time and this will be straightened out.
>
>
> Of course, this brings up the question if there should be some
> 'callback' that is invoke when the 'pipe' receives a 401. To
indicate
> 'wrong' (or no) auth provided.. ?!
That is what the statusCode options is for so that not only 401 but any specific status
code can be handled appropriately. Again, once the docs are done this should be clearer.
:)
>
> -Matthias
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
4478
days inactive
4479
days old
3 comments
2 participants
participants (2)
-
Kris Borchers -
Matthias Wessendorf