Hi,
I'm writing some security IoFilters and I'm having a recurring issue.
Each time I write a security negotiation filter, I stumble in a quite
annoying problem.
I have a filter chain like :
SecurityCodec -> SecurityLogic -> CodecA -> CodecB -> Business code
The security logic filter is first negociating some security keys and auth :
pseudo code:
void messageReceived(session, msg, nextFilter) {
if (session is not authenticated) {
session.write( new SecurityNegociationMessage());
} else {
nextFilter.messageReceive(decipher(msg));
}
}
So the security filter call session.write, but when you do that the
message is processed by the whole IoFilter chain, the two codec filter
will try to process it.
So most of time I need to add workaround in the upper fitlers to skip
the low level security filters.
IMO when a session.write(..) is called from a IoFilter message
reception event, we should process the filter chain partially.
--
Julien Vermillard :::: http://people.apache.org/~jvermillard/
