19 Mar
2009
19 Mar
'09
5:43 p.m.
Denis Gervalle wrote:
Hi all and Sergiu in particular,
I need a more flexible as well as new kind of authentication for my
xwiki farm, I have therefore started a review of the current
implementations (which is not really nice), as well as patch proposal
(stackable auth and iopen)...
I am currently puzzled by the introduction of the
SavedRequestRestorerFilter in 10525 (1.5M2).
When I apply the selenium test case provided on earlier version
(1.4.1), I do not found any issue, and I there wonder what is the use
case of this fix ? It seems to me useless in regards to the current
state of the authentication code. I have also remove it from my test
build, and I see no regression.
Does anyone have a test case that shows the usefulness of this ?
TIA.
The use case is:
- I log in
- I spend a lot of time writing a document
- I hit save
- Unfortunately, my authentication expired
- I am redirected to the login page, as I don't have the right to save
the document as a guest
- I login
- I just lost my hard work
SavedRequestRestorer saves the posted data in the session object, so
that after authentication it can be safely retrieved and used.
Is it causing problems on your side?
--
Sergiu Dumitriu
http://purl.org/net/sergiu/