hstaudacher
commented
12 years ago Maybe we can use the RequestContext for this. What do you think?
Open dcrissman opened 12 years ago
hstaudacher
commented
12 years ago Maybe we can use the RequestContext for this. What do you think?
dcrissman
commented
12 years ago I think RequestContext makes sense.
With that said, do we want to support both Annotation driven authentication AND from the RequestContext?
If so, then what should the precedence be?
I guess my thought would be that if both are kept, that any Authentication on HttpTest would take precedence. Although, I can't really think of a good use case for implementing a test that utilizes both approaches at the same time.
dcrissman
commented
12 years ago What is the use case for allowing multiple Authentication instances for any given test?
hstaudacher
commented
12 years ago This was an internal usecase during development time and probably very rarely used in production. I think the best thing would be to rework the whole authentication stuff for a version 2.0.
dcrissman
commented
12 years ago Well, I have an initial implementation. It only supports a single Authentication being added to the Context, but then just adds that to the existing list of Authentications internally. I am happy to submit a merge request, or if you want to go completely in a different direction that's cool too.
https://github.com/dcrissman/restfuse/tree/context-authentication
I question if Authentication should truly be an annotation. Based on my various environments, I may want to use different credential sets at runtime, however because Authentication is an annotation it will only accept constant expressions.
Take for example credentials that are in a properties file, there is no way (that I could find) to set the authentication values dynamically.