I don't know if this suggestion is misplaced, but one thing I would suggest is to have the authenticate call of the of the UserManager interface include the RequestHandler and that the RequestHandler provide an interface to get Socket information. It can be used to pass IP information as part of the user authentication, but more importantly, it can be used to get access to Certificate information if it is an SSL socket and client authentication is enabled. In my implementation, I've needed to evaluate contents of the Subject in the certificate with the login used in order to provide 2 factor authentication. An additional interface to UserManager might be an authenticate method that just takes an array of Certificates to provide for certificate based authentication.
-----Original Message----- From: Dave Roberts [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 29, 2006 4:16 AM To: [email protected] Subject: Re: [jira] Created: (FTPSERVER-52) Add onLoginFail() to Ftplet interface It was 28/11/2006 21:56, when Niklas Gustavsson wrote: > What do you all think of this RFE? I would be happy to add the > onLoginFail() method to the FtpLet interface if you don't disagree. Agreed, onLoginFail() seems the best place to me, but I wonder if it needs to be complemented with an onLoginOk(), both of which could be called after the user is set within the FtpRequestImpl object, so that the user information is available to the FtpLet. It also gives the application developer the opportunity to perform some additional authentication on the user, if required.
