Currently the UserManager interface has the authenticate method defined as
follows:
User authenticate(Authentication authentication)
throws AuthenticationFailedException;
I'm wondering if it would be of any benefit to change it to:
User authenticate(Authentication authentication, FtpSession session)
throws AuthenticationFailedException;
The reason(s) behind this -
I want to log a message when the login fails. The login could fail to due to
a number of reasons - such as Account is disabled, password has expired and
so on. Since I do not have the session information available from this
interface, I'm not able to log all the information that I normally do - such
as the session ID, remote address and so on. I know I can log this
information from onLogin() method of an Ftplet, but then I would not have
any information on why the login has actually failed. All I've is - 530
Authentication Failed reply.
Another benefit would be if I want to implement my user manager based on
user name and IP address. For example let User1 login if and only if he is
connecting from IP address xxx.xxx.xxx.xxx. Not sure if any one does this
kind of authentication, but in case if some one want to, this change should
help.
Let me know what you guys think.
Regards,
Sai Pullabhotla
www.jMethods.com
