Closed
Bug 632059
Opened 13 years ago
Closed 13 years ago
Put the session logic in server-core
Categories
(Cloud Services :: Server: Core, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: tarek, Unassigned)
Details
Identity has a bit of session logic, like Account manager has: - login/logout pages + an auth challenge & redirect after login - session based on beaker We should have this logic separated and put into serve-core, so it can be reused.
Comment 1•13 years ago
|
||
hmm, I'm not sure that there's all that much there. Beaker kind of is the abstraction layer and there's not much on top of it. We don't actually do a redirect on login - we simply put up the login page in place of the page you're visiting. It's possible that there's enough overlap with identity that we could extract out a function there, but it's not going to be a lot.
Reporter | ||
Comment 2•13 years ago
|
||
(In reply to comment #1) > we simply put up the login page in place of the page you're visiting. Mmm that's not a good web behavior for a form-base authentication. A page that cannot be accessed anonymously should redirect to a page that can be accessed anonymously (here our login page), then come back to the original page. A GET is idempotent -- think cache / indexing -- and should not point to two different resources depending on session data.
Reporter | ||
Comment 3•13 years ago
|
||
this is a bit early since the only production app that potentially needs it is still AP. Closing as won't fix. If needed, it will naturally come back
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•