This describes the design ideas for the next generation of the login service stuff.

Base interface DomainPasswordLoginService

The base interface only provides a login verification API, without any HTTP session handling.

The Java interface is org.clazzes.util.sec.DomainPasswordLoginService from https://svn.clazzes.org/svn/util/trunk/clazzes-util/src/main/java/org/clazzes/util/sec/DomainPasswordLoginService.java

We plan the following implmentations now:

We will create a new svn repository "login".

For testing:

Future ideas for implementations:

OSGi wrapper HttpLoginServiceAdapter

The OSGi side exists of one small bundle that listens for providers of the DomainPasswordLoginService interface and exports them adapted as a HttpLoginService (see https://svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java).

Current LoginServices combining login API and HTTP session handling will become obsolete: gwt-jaas-login-service,gwt-ldap-login-service, gwt-http-login-service (https://svn.clazzes.org/svn/gwt/trunk/gwt-*-login-service).

Package for the wrapper: org.clazzes.login.adapter.http

OSGi-bundle/project name: http-login-adapter

URL of exported DomainPasswordLoginServices: /http-login/<login.mechanism>/login