Item5945: restHandlers need to be able to be called without auth.
Priority: Normal
Current State: No Action Required
Released In:
Target Release: n/a
Applies To: Engine
Component:
Branches:
to completely replace the need for adding new cgi scripts, plugins need to be able to specify that a restHandler can be called without auth, or that if there is no auth, that the user will be redirected to login..
the default registration should continue to require auth -
not via apache auth, but selectivly, as for view in an DENYVIEW context, to add authless operation a plugin author has to do so intentionally.
--
TWiki:Main/SvenDowideit - 20 Aug 2008
Can you describe a use case where you'd like to implement a REST handler where auth would be a problem.
--
TWiki:Main.MichaelDaum - 21 Aug 2008
yup. any get operation on a data item that is open to
TWikiGuest.
such as a query for 'this month's appointments' in JSON form.
worse, in the current implementation, any rest query made as the first contact from an external 'app' will result in a 401 error - no pointer to the auth url, no possibilities for refunds, nothing.
nother use case - replace the
kinosearch
cgi script with a handler - search should not necessarily require previous auth - unless its being done on restricted content.
--
TWiki:Main.SvenDowideit - 21 Aug 2008
Eugen was talking about this recently, so marked for his attention.
--
CrawfordCurrie - 23 Feb 2009
I will look into this when i recovered from illness. I will write also a proposal so the solution will be fitting all needs and we can discuss about.
--
EugenMayer - 26 Feb 2009
i will start to create a solution for it after we have released the patch release and are going back to mainly work on the trunk
I addressed this some time ago.
--
CrawfordCurrie - 28 Oct 2009