AuthInvoker class - comments?

Wed, 16 Feb 2005 12:15:06 -0800 

Hi all

The company I work for has been ramping up its use of XML-RPC lately - there's really a lot of activity going on there now :)

We need to use authenticated connections at the office, although we don't need SSL (we just need to know who did what, not that it be encrypted).

I may have missed something, but I think there is a need for an "AuthInvoker" class.

Normally I can define a handler class, like this:

  public class SimpleHandler {

    public double add( double a, double b ) {
      return a+b;
    }
  }

And then add this class to be a handler as:

  SimpleHandler handler = new SimpleHandler( );
  m_webserver.addHandler ("simple", handler );

Works great.
I can even connect to the server using normal authentication and the handler gets called no problem. However, there is no way for the handler to get the user/password data, or any other context information.

99% of what I need is in the package - including a XmlRpcContext interface.

But I couldn't see a way for my handler to have access to the context information.

So I added AuthInvoker, by copying the Invoker class and changing about 8 lines.

Now, the SimpleHandler looks like this:
import org.apache.xmlrpc.*;

public class SimpleHandler {

  //
  // NOTE: use of XmlRpcContext object
  //
  public String add( double a, double b, XmlRpcContext context ) {

    double result = a + b;

    // show both the supplied parameter, and the authenticated
    String r
      = "Hi '"
      + context.getUserName()
      + "', identified by '"
      + context.getPassword()
      + "'. The result of "
      + a
      + " + "
      + b
      + " = "
      + result
      ;
    return r;
  }
}

and for this to work, it gets added to the server like this:

  SimpleHandler handler = new SimpleHandler( );
  m_webserver.addHandler ("simple", new AuthInvoker( handler ));

Now, although I know Java "reasonably", I don't know very much about servlets and Jetty etc - so I may well be missing something. Please shout out if so.


But otherwise, would other users find this useful? It makes it easy to access context information from a "plain" handler object, with a minimum of programmer effort.

Thanks for any comments :)

Ellers

Reply via email to