[jira] Commented: (FTPSERVER-315) Pass FtpSession information to the UserManager.authenticate method

Fri, 16 Apr 2010 09:58:50 -0700 

    [ 
https://issues.apache.org/jira/browse/FTPSERVER-315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12857883#action_12857883
 ] 

Sai Pullabhotla commented on FTPSERVER-315:
-------------------------------------------

As a temporary (could be permanent too) solution, what do you think of: 

wrapping the FtpSession in the Authentication object or in the UserMetaData? I 
think it makes sense to have it in the Authentication object. At least, gets 
the job done! 

> Pass FtpSession information to the UserManager.authenticate method
> ------------------------------------------------------------------
>
>                 Key: FTPSERVER-315
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-315
>             Project: FtpServer
>          Issue Type: Improvement
>          Components: Core, Ftplets
>            Reporter: Sai Pullabhotla
>            Priority: Minor
>             Fix For: 2.0.0
>
>
> Currently the UserManager interface has the authenticate method defined as 
> follows:
>     User authenticate(Authentication authentication)
>             throws AuthenticationFailedException;
> I'm wondering if it would be of any benefit to change it to:
>     User authenticate(Authentication authentication, FtpSession session)
>             throws AuthenticationFailedException;
> The reason(s) behind this -
> I want to log a message when the login fails. The login could fail to due to 
> a number of reasons - such as Account is disabled, password has expired and 
> so on. Since I do not have the session information available from this 
> interface, I'm not able to log all the information that I normally do - such 
> as the session ID, remote address and so on. I know I can log this 
> information from onLogin() method of an Ftplet, but then I would not have any 
> information on why the login has actually failed. All I've is - 530 
> Authentication Failed reply.
> Another benefit would be if I want to implement my user manager based on user 
> name and IP address. For example let User1 login if and only if he is 
> connecting from IP address xxx.xxx.xxx.xxx. Not sure if any one does this 
> kind of authentication, but in case if some one want to, this change should 
> help.
> More info about this feature request can be found in the thread - 
> http://www.mail-archive.com/[email protected]/msg12942.html. 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to