|<< Back to previous view|
[JASPIC_SPEC-21] Support for events Created: 30/Apr/13 Updated: 09/Oct/13
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
|Participants:||arjan tijms and kithouna|
For several use cases it would be quite convenient if JASPIC would throw events at several important moments of the authentication message exchange.
Such events could be:
User code could possibly register for such events in the same way such code can register for events from the Servlet container; annotating the listener class and implementing an interface.
Additionally CDI style events can be supported as well.
Use cases for such event listeners are among others:
Specifically for the second use case a PreAutenticate listener should be able to veto the authentication attempt (at which JASPIC could respond by e.g. sending a 403 to the client).
|Comment by kithouna [ 09/Oct/13 02:49 PM ]|
Another use case: increase the Http session timeout after a user logs in. The AuthEvent should therefor give access to the JASPIC request/response.