Chapter 7.9 expansion?

0 views
Skip to first unread message

aw

unread,
Nov 8, 2009, 7:03:30 PM11/8/09
to The Lift Book
I'm reading Chapter 7.9 and I'm left with questions...

Can't I leave Authentication to the container? For example, if I use
something like https://spnego.dev.java.net/ that automatically
authenticates the user against an Active Directory, then all I need
Lift to do is worry about Authorization. In addition to
HttpBasicAuthentication, HttpDigestAuthentication, and
NoAuthentication, I would expect there to be another choice like
ContainerAuthentication (or PassThruAuthentication?). Some third
party IAM systems have authentication mechanisms that simply supply
the authenticated user as a header variable -- maybe
ImplicitHeaderAuthentication?

Anyway... I think you get my point... I need to let the container
take care of Authentication, but then I need to provide the
Authorization information to the Lift app... How should I do that?

P.S. There is a weird formatting issue with Chapter 7.9 because it
goes straight from 7.9 (HTTP Basic Authentication) to 7.9.0.1 (HTTP
Digest Authentication).

Derek Chen-Becker

unread,
Nov 13, 2009, 9:45:39 AM11/13/09
to the-li...@googlegroups.com
Thanks for the feedback. I'll look into expanding the chapter a bit (and fixing the formatting)
Reply all
Reply to author
Forward
0 new messages