Hello,
I think an authentication filter will always be tightly coupled with the
protocol: the filter needs to know whether
the user is already authenticated and what the authentication command is.
Here is an example :
public class AuthenticationFilter extends IoFilterAdapter {
protected Logger logger = LoggerFactory.getLogger(
AuthenticationFilter.class);
private NotAuthenticated notAuthenticated = new NotAuthenticated();
public void messageReceived(NextFilter nextFilter, IoSession session,
Object message) throws Exception {
User user = (User) session.getAttribute("USER");
if (user != null || message instanceof LoginCommand) {
nextFilter.messageReceived(session, message);
} else {
logger.warn("not authenticated => reply with error
message");
session.write(notAuthenticated);
}
}
}
Add the filter to the chain AFTER the ProtocolCodecFilter.
Let us know if you have any better ideas.
Maarten
On 9/1/07, kwtan <[EMAIL PROTECTED]> wrote:
>
>
> How do I implement authentication filter? Is there any sample code for
> reference?
>
> Thank you!
> --
> View this message in context:
> http://www.nabble.com/Authentication-Filter-tf4365104s16868.html#a12442042
> Sent from the Apache MINA Support Forum mailing list archive at Nabble.com
> .
>
>
