Re: Authentication patch

Wed, 22 Jan 2003 11:17:57 -0800

Note: Taking discussion to xml-rpc-dev list.

For Dejan:

We have a short page on our site on contributing to the XML-RPC project:
http://xml.apache.org/xmlrpc/contributing.html

There are several things we like to see accompanying your contribution:
1. A feature request / bug report on http://nagoya.apache.org. Anyone can register for a free account. If not, a post to the dev list ([EMAIL PROTECTED]) with [PATCH] in the title will work as well.
2. A clear and concise description of the problem you are trying to solve. Your web site has this information, but it is more of a nice piece of documentation of your code than a description. Put this description in the bug report, it will eventually end up in changes.xml.
3. A unit test that fails before your patch is applied and passes afterwards. For new features, the fact that the unit test doesn't compile before your patch is OK.

For the other developers:
OK I took the time to read this. It seems like the point of it is this (taken from the page):

>All you have to do is to make your object implement AuthenticatedHandler
>interface and write authenticate method:

       public boolean authenticate(String username, String password);
>Method should do whatever it takes to check if a username and password belongs to a valid user. It
>could connect to a relational database, LDAP or any other user storage and return true if user is
>permitted for a call or false otherwise. After authorization, client can make a call to any public method
>of your handler.

And the substantive change to the code is here:

+ else if (handler instanceof AuthenticatedHandler)
+ {
+ if (((AuthenticatedHandler)handler).authenticate(user, password))
+ {
+ Invoker invoker = new Invoker(handler);
+ outParam = invoker.execute(methodName, inParams);
+ }
+ else
+ {
+ throw new XmlRpcException(0, "Username or password does not match");
+ }
+ }

If we don't hear from Dejan again soon I will put this in nagoya and take it from there.

--
Ryan Hoegg
ISIS Networks
http://www.isisnetworks.net

Dejan Bosanac wrote:

Hi,
I've made a little patch for v1.1 library which alows you to expose any of
your business objects as a authenticated handler.
You can find more about it at
http://solair.eunet.yu/~chuki/software/s001.html <http://solair.eunet.yu/%7Echuki/software/s001.html>
So if someone find it usefull ...
Regards,
Dejan


















    











					Reply via email to