You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rpc-dev@xml.apache.org by Dejan Bosanac <de...@datagate.co.yu> on 2002/12/09 12:33:56 UTC
AuthenticatedXmlRpcHandler improvment
Hi,
I'm new to this list so I'm sorry if my question has already been discussed.
Recently, I had to use Basic authentication with XMLRPC, but I didn't
like the idea to be bounded only to execute() method. Instead, I wanted
to be able to call all methods from my class, but just to have basic
user/pass authentication before. Something like this:
XmlRpcClient xmlrpc = new XmlRpcClient("localhost", rpcPort);
xmlrpc.setBasicAuthentication(rpcUsername, rpcPassword);
xmlrpc.execute("$default.shutdown", new Vector());
To do that I did the following:
1. Made my RPC handler to implements AuthenticatedXmlRpcHandler
2. Implemented execute() method like this:
public Object execute(String method, Vector params, String username,
String password) throws Exception {
if (!authenticate(username, password))
throw new AuthenticationFailed("Bad username or password
supplied!");
Invoker target = new Invoker(this);
return target.execute(method, params);
}
The execute() method performs authentication and then creates Invoker
object (I had to use v1.2) to do the rest of the job.
Now, why shouldn't we modify AuthenticatedXmlRpcHandler (or add some new
interface) to support just authenticate() method to perform some custom
user authentication and leave the rest of the job to be done in the
invokeHandler() method of XmlRpcWorker class.
I could implemented it fast if you are interested in such a functionality.
Regards,
Dejan