You are viewing a plain text version of this content. The canonical link for it is here.
Posted to xmlrpc-dev@ws.apache.org by Ryan Hoegg <rh...@isisnetworks.net> on 2003/01/22 20:18:07 UTC
Re: Authentication patch
Note: Taking discussion to xml-rpc-dev list.
For Dejan:
We have a short page on our site on contributing to the XML-RPC project:
http://xml.apache.org/xmlrpc/contributing.html
There are several things we like to see accompanying your contribution:
1. A feature request / bug report on http://nagoya.apache.org. Anyone
can register for a free account. If not, a post to the dev list
(rpc-dev@xml.apache.org) with [PATCH] in the title will work as well.
2. A clear and concise description of the problem you are trying to
solve. Your web site has this information, but it is more of a nice
piece of documentation of your code than a description. Put this
description in the bug report, it will eventually end up in changes.xml.
3. A unit test that fails before your patch is applied and passes
afterwards. For new features, the fact that the unit test doesn't
compile before your patch is OK.
For the other developers:
OK I took the time to read this. It seems like the point of it is this
(taken from the page):
>All you have to do is to make your object implement AuthenticatedHandler
>interface and write authenticate method:
> public boolean authenticate(String username, String password);
>Method should do whatever it takes to check if a username and password
belongs to a valid user. It
>could connect to a relational database, LDAP or any other user storage
and return true if user is
>permitted for a call or false otherwise. After authorization, client
can make a call to any public method
>of your handler.
And the substantive change to the code is here:
+ else if (handler instanceof AuthenticatedHandler)
+ {
+ if (((AuthenticatedHandler)handler).authenticate(user, password))
+ {
+ Invoker invoker = new Invoker(handler);
+ outParam = invoker.execute(methodName, inParams);
+ }
+ else
+ {
+ throw new XmlRpcException(0, "Username or password does not match");
+ }
+ }
If we don't hear from Dejan again soon I will put this in nagoya and
take it from there.
--
Ryan Hoegg
ISIS Networks
http://www.isisnetworks.net
Dejan Bosanac wrote:
> Hi,
> I've made a little patch for v1.1 library which alows you to expose any of
> your business objects as a authenticated handler.
> You can find more about it at
> http://solair.eunet.yu/~chuki/software/s001.html
> <http://solair.eunet.yu/%7Echuki/software/s001.html>
> So if someone find it usefull ...
> Regards,
> Dejan