eraseCredentialsAfterAuthenticationproperty, which keeps you from accidentally letting credentials lie around. Accidentally. What, like printing them to the standard out, or to the HTML document?? If this happens to you accidentally, then you might have a lot of other problems, too. Frameworks helping people to avoid such accidents remind me of PHP and this interesting post about how fundamentally broken PHP is: http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/ If you’ve ever heard about PHP’s abominable “magic quotes”, you’ll understand what I mean.
More examplesThere’s more. Spring has incredibly specialised API types, such as:
Note the repetition of concepts in both package and class names:
org.springframework.security.web .authentication.preauth.websphere .WebSpherePreAuthenticatedWebAuthenticationDetailsSource
- 2x “web”
- 4x “authentication” (out of which 2x “pre-authenticated”)
- 2x “websphere
9 thoughts on “J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource… WAT??”
I’d be willing to bet that a Markov-chain generated class name (based on Spring Security) would be indistinguishable from the real thing.
Haha, very nice. You can calculate the probability of such a generator to produce an AuthenticatorAuthenticatedAuthenticationAuthenticatingAuthenticatorCator
Ah Spring security. Last time I tried to use it I was trying to figure out how to do something relatively simple (I thought) but which was not exactly like anything the manual showed. I kept finding explanations on the web and example code, and would find that they did not work, because they were for different versions of it. That’s the nice thing about Spring, I guess. Don’t like their recommended way of doing something? No problem, wait a release or two, and it will surely be different…
I think next time I may try Shiro: https://shiro.apache.org/
Yes, hmm. I should do that with jOOQ too :-) I mean the frequent changing of API elements that I don’t like.
Then again, I did that in early versions of jOOQ and got “corrected”:
Now I’m glad, I think a lot more about new API elements before introducing them. Which keeps me from adding J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource2 and other stuff
Reblogged this on Development Blog.
It get’s the job done? Yes.
Well, things do get the job done, occasionally. That’s true… Kinda like this hammer: