You could do something like that, however you would still need a factory
class that took the ServletContext as a parameter as Authenticators by
themselves have no direct way of getting access to the servlet context.
This is because the AuthenticationMechanism is part of Undertow core,
which as no servlet dependency (a big reason for this split is that we
don't want any servlet dependency in the EAP management console, but we
do need full authentication support).
So if we need the factory anyway my personal preference would be to make
it accept its configuration parameters in the same place it is defined,
so it is obvious how it is configured.
Bill Burke wrote:
On 5/13/2013 9:02 PM, Bill Burke wrote:
> Maybe have something more sophisticated?
more == less, sorry
> Couldn't you just configure these custom application-provided security
> providers through context parameters?