Hi,
But you can think of a simpler scenario: how would i support a login via O-Auth2 (Google) and via own login / username as supported by this forum?
This scenario isn’t authenticator dependent. I’ll quote myself from a another post:
an authenticator is like a session. It authenticates an already authenticated user on subsequent requests to a page/app. A provider is the part which authenticates a user against an external (social provider, LDAP, CAS), against a credentials provider and so on. Typically authentication in Silhouette has two steps. First the user authenticates once against a provider and then you create an authenticator which authenticates the user on subsequent request against your page/app.
i managed to get this working using the same Authenticator and using a custon RequestProvider for the IAM case that. But i have to use the same Authenticator and this is not what i like.
Here I can also quote myself from the same post:
A request provider is a special kind of provider which can be directly hooked into the authentication process. It reads authentication data from the incoming request and authenticates the user. In this case an authenticator isn’t used, therefore it’s recommended to use the DummyAuthenticator
. The basic authentication provider is a request provider. It gets the authentication data from the Authorization
header.
To give you a better advice, it would be great if you could describe your authentication flow a bit more in detail. I have the feeling that you currently mix the paradigms that Silhouette does provides.
Let me know if you have further questions.
Best regards,
Christian