[jira] Commented: (FTPSERVER-315) Pass FtpSession information to the UserManager.authenticate method

Mon, 29 Jun 2009 05:14:25 -0700 

    [ 
https://issues.apache.org/jira/browse/FTPSERVER-315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12725145#action_12725145
 ] 

Sai Pullabhotla commented on FTPSERVER-315:
-------------------------------------------

Another reason where this change would be useful is: 

If I want to force some users (not all) log in to the FTPS server using client 
certificate and passwords, I could use the FtpSession.getClientCertificates() 
method in the authenticate method to determine if the user should be allowed 
access or not. 

> Pass FtpSession information to the UserManager.authenticate method
> ------------------------------------------------------------------
>
>                 Key: FTPSERVER-315
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-315
>             Project: FtpServer
>          Issue Type: Improvement
>          Components: Core, Ftplets
>            Reporter: Sai Pullabhotla
>            Priority: Minor
>             Fix For: 2.0.0
>
>
> Currently the UserManager interface has the authenticate method defined as 
> follows:
>     User authenticate(Authentication authentication)
>             throws AuthenticationFailedException;
> I'm wondering if it would be of any benefit to change it to:
>     User authenticate(Authentication authentication, FtpSession session)
>             throws AuthenticationFailedException;
> The reason(s) behind this -
> I want to log a message when the login fails. The login could fail to due to 
> a number of reasons - such as Account is disabled, password has expired and 
> so on. Since I do not have the session information available from this 
> interface, I'm not able to log all the information that I normally do - such 
> as the session ID, remote address and so on. I know I can log this 
> information from onLogin() method of an Ftplet, but then I would not have any 
> information on why the login has actually failed. All I've is - 530 
> Authentication Failed reply.
> Another benefit would be if I want to implement my user manager based on user 
> name and IP address. For example let User1 login if and only if he is 
> connecting from IP address xxx.xxx.xxx.xxx. Not sure if any one does this 
> kind of authentication, but in case if some one want to, this change should 
> help.
> More info about this feature request can be found in the thread - 
> http://www.mail-archive.com/[email protected]/msg12942.html. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to