[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-dev
Subject:    Re: comments on post-authn interceptor flow
From:       "Cantor, Scott" <cantor.2 () osu ! edu>
Date:       2014-09-10 23:33:54
Message-ID: D036576A.56202%cantor.2 () osu ! edu
[Download RAW message or body]

On 9/10/14, 6:40 PM, "Tom Zeller" <tzeller@dragonacea.biz> wrote:

>Phew. After being confused about attempted vs intermediate in the
>subject c14n flow when copying to the post-authn flow, I think I
>understand now, and wrote some flow tests to make sure.

It's just iteration without an iterator. I didn't try to use the flow to
do the iteration back then, but I made that work in some of the logout
code, so either way works.

>I think I've got it right now in that the post-authn flow turns any
>non-proceed event into an error by calling 'HandleError' in the
>calling (profile) flow.

Yes, if it's part of the calling flow where you're handling the event,
that's how you pass control to the error handling steps.

>There's enough commonality in the subject c14n and profile interceptor
>classes that there probably should be some re-use, I just didn't
>understand the details until I worked it through.

Yes, about the only difference really is running one that applies and
stopping vs. running each one that applies once.

-- Scott

-- 
To unsubscribe from this list send an email to dev-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]