You are viewing a plain text version of this content. The canonical link for it is here.
Posted to xmlrpc-dev@ws.apache.org by "Jochen Wiedmann (JIRA)" <xm...@ws.apache.org> on 2006/05/09 22:44:05 UTC
[jira] Geschlossen: (XMLRPC-25) Authenticated handler
[ http://issues.apache.org/jira/browse/XMLRPC-25?page=all ]
Jochen Wiedmann closed XMLRPC-25:
---------------------------------
Resolution: Fixed
Assign To: (was: rpc-dev mailing list)
In version 3, it is possible to provide custom authentication by supplying an instance of AuthenticationHandler.
> Authenticated handler
> ---------------------
>
> Key: XMLRPC-25
> URL: http://issues.apache.org/jira/browse/XMLRPC-25
> Project: XML-RPC
> Type: Bug
> Components: Source
> Versions: unspecified
> Environment: Operating System: Other
> Platform: All
> Reporter: Dejan Bosanac
> Attachments: authenticated.patch, authenticated.patch
>
> Enable to expose any business object as a handler that performs basic HTTP
> authentication, but not to be forced to call only execute() method of the handler.
> If AuthenticatedXmlRpcHandler is used you are forced to call only execute
> method. The problem with this approach is that we are responsible for
> determining what action should be used. This could be a easy task in most cases,
> but it could be a big challenge in a complex handler.
> Idea is to make your object implement AuthenticatedHandler interface and only
> write authenticate method:
> public boolean authenticate(String username, String password);
>
> Method should do whatever it takes to check if a username and password belongs
> to a valid user. It could connect to a relational database, LDAP or any other
> user storage and return true if user is permitted for a call or false otherwise.
> After authorization, client can make a call to any public method of your handler.
> XmlRpcClient client = new XmlRpcClient(url);
> try
> {
> client.setBasicAuthentication(username, password);
> client.execute("authenticated.test", params);
> }
> catch(Exception ex)
> {
> System.err.println("Error: " + ex.getMessage());
> }
> The actual test method will be called.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira