You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by kwtan <ka...@yahoo.com> on 2007/09/01 19:00:02 UTC
Authentication Filter
How do I implement authentication filter? Is there any sample code for
reference?
Thank you!
--
View this message in context: http://www.nabble.com/Authentication-Filter-tf4365104s16868.html#a12442042
Sent from the Apache MINA Support Forum mailing list archive at Nabble.com.
Re: Authentication Filter
Posted by kwtan <ka...@yahoo.com>.
Thanks Maarten.
I didn't fully understood? Sorry, I'm a newbie.
Inside my server coding, I have this line of code:
acceptor.bind( new InetSocketAddress(PORT), new ServerSessionHandler(),
cfg);
Where ServerSessionHandler handle the server and client input output.
Where should I insert your sample coding?
Maarten Bosteels-4 wrote:
>
> Hello,
>
> I think an authentication filter will always be tightly coupled with the
> protocol: the filter needs to know whether
> the user is already authenticated and what the authentication command is.
>
> Here is an example :
>
> public class AuthenticationFilter extends IoFilterAdapter {
>
> protected Logger logger = LoggerFactory.getLogger(
> AuthenticationFilter.class);
>
> private NotAuthenticated notAuthenticated = new NotAuthenticated();
>
> public void messageReceived(NextFilter nextFilter, IoSession session,
> Object message) throws Exception {
> User user = (User) session.getAttribute("USER");
> if (user != null || message instanceof LoginCommand) {
> nextFilter.messageReceived(session, message);
> } else {
> logger.warn("not authenticated => reply with error
> message");
> session.write(notAuthenticated);
> }
> }
> }
>
> Add the filter to the chain AFTER the ProtocolCodecFilter.
> Let us know if you have any better ideas.
>
> Maarten
>
> On 9/1/07, kwtan <ka...@yahoo.com> wrote:
>>
>>
>> How do I implement authentication filter? Is there any sample code for
>> reference?
>>
>> Thank you!
>> --
>> View this message in context:
>> http://www.nabble.com/Authentication-Filter-tf4365104s16868.html#a12442042
>> Sent from the Apache MINA Support Forum mailing list archive at
>> Nabble.com
>> .
>>
>>
>
>
--
View this message in context: http://www.nabble.com/Authentication-Filter-tf4365104s16868.html#a12446088
Sent from the Apache MINA Support Forum mailing list archive at Nabble.com.
Re: Authentication Filter
Posted by Maarten Bosteels <mb...@gmail.com>.
Hello,
I think an authentication filter will always be tightly coupled with the
protocol: the filter needs to know whether
the user is already authenticated and what the authentication command is.
Here is an example :
public class AuthenticationFilter extends IoFilterAdapter {
protected Logger logger = LoggerFactory.getLogger(
AuthenticationFilter.class);
private NotAuthenticated notAuthenticated = new NotAuthenticated();
public void messageReceived(NextFilter nextFilter, IoSession session,
Object message) throws Exception {
User user = (User) session.getAttribute("USER");
if (user != null || message instanceof LoginCommand) {
nextFilter.messageReceived(session, message);
} else {
logger.warn("not authenticated => reply with error
message");
session.write(notAuthenticated);
}
}
}
Add the filter to the chain AFTER the ProtocolCodecFilter.
Let us know if you have any better ideas.
Maarten
On 9/1/07, kwtan <ka...@yahoo.com> wrote:
>
>
> How do I implement authentication filter? Is there any sample code for
> reference?
>
> Thank you!
> --
> View this message in context:
> http://www.nabble.com/Authentication-Filter-tf4365104s16868.html#a12442042
> Sent from the Apache MINA Support Forum mailing list archive at Nabble.com
> .
>
>