You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Sai Pullabhotla (JIRA)" <ji...@apache.org> on 2010/04/16 18:58:25 UTC

[jira] Commented: (FTPSERVER-315) Pass FtpSession information to the UserManager.authenticate method

    [ https://issues.apache.org/jira/browse/FTPSERVER-315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12857883#action_12857883 ] 

Sai Pullabhotla commented on FTPSERVER-315:
-------------------------------------------

As a temporary (could be permanent too) solution, what do you think of: 

wrapping the FtpSession in the Authentication object or in the UserMetaData? I think it makes sense to have it in the Authentication object. At least, gets the job done! 

> Pass FtpSession information to the UserManager.authenticate method
> ------------------------------------------------------------------
>
>                 Key: FTPSERVER-315
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-315
>             Project: FtpServer
>          Issue Type: Improvement
>          Components: Core, Ftplets
>            Reporter: Sai Pullabhotla
>            Priority: Minor
>             Fix For: 2.0.0
>
>
> Currently the UserManager interface has the authenticate method defined as follows:
>     User authenticate(Authentication authentication)
>             throws AuthenticationFailedException;
> I'm wondering if it would be of any benefit to change it to:
>     User authenticate(Authentication authentication, FtpSession session)
>             throws AuthenticationFailedException;
> The reason(s) behind this -
> I want to log a message when the login fails. The login could fail to due to a number of reasons - such as Account is disabled, password has expired and so on. Since I do not have the session information available from this interface, I'm not able to log all the information that I normally do - such as the session ID, remote address and so on. I know I can log this information from onLogin() method of an Ftplet, but then I would not have any information on why the login has actually failed. All I've is - 530 Authentication Failed reply.
> Another benefit would be if I want to implement my user manager based on user name and IP address. For example let User1 login if and only if he is connecting from IP address xxx.xxx.xxx.xxx. Not sure if any one does this kind of authentication, but in case if some one want to, this change should help.
> More info about this feature request can be found in the thread - http://www.mail-archive.com/dev@mina.apache.org/msg12942.html. 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira