[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [ecf-dev] authentication and authorisation with ecf
|
Hi,
If the connectHandlerPolicy is set, then it's checkConnect method is
called (connectHandlerPolicy is of type IConnectHandlerPolicy...and
the last parameter...'data'...is the value from the client of the
'connectData' that's returned from the connectPolicy.createConnectData
call.
So to summarize, the IConnectInitiatorPolicy allows the determination
of the client-side 'connectData' during the execution of the
IContainer.connect(ID,IConnectContext) call. The 'connectData' value
(e.g. password) is then sent to the server. On the server container
the IConnectHandlerPolicy is consulted (with the 'data'=='connectData'
provided) to determine if the connect request, should be accepted.
ok, thanks for your explanation. The Problem was, that i didn 't set
the IConnectInitiatorPolicy. It's working now.
Is it possible to use JAAS for authentication? Or is there a best
practise for server side authentication (is it secure to send
username/password as a 'connectData' or should i encrypt the password
manually?)
How does authorisation work?
I set the RemoteServiceCallPolicy (client side). But the method never
get called... (setRemoteServiceCallPolicy(callPolicy) returned true)
The remote service call policy is called by the service host for the
remote call when a call request has been received, but before it is
actually made on the service host's local service object. So it's
only going to be called on the host side (I say 'host' rather than
'server' because it's quite possible for a client to host a
service...and in that case the remote service call
policy.checkRemoteCall would still be called in on the service
host...but it would be a client). So in other words, you need to set
the remote service call policy on the container that has the service
host (the server container in your situation, I believe).
When i return the authorization roles for the authenticated user on the
checkConnect call, how can i access these roles on the
RemoteServiceCallPolicy.checkRemoteCall? Is there a default service/impl?
Thanks for your help,
Stefan
Hope this helps.
Scott
_______________________________________________
ecf-dev mailing list
ecf-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/ecf-dev