Simon,
I have just pushed a commit to Scandium adding an accessor for the client’s PublicKey object to RawPublicKeyIdentity …
Regards,
Kai
From: leshan-dev-bounces@xxxxxxxxxxx
[mailto:leshan-dev-bounces@xxxxxxxxxxx] On Behalf Of Simon Bernard
Sent: Tuesday, April 28, 2015 6:57 PM
To: leshan developer discussions
Subject: Re: [leshan-dev] Time for a milestone release
I create a branch on leshan for testing the snapshot version of californium/scandium.[1]
I made the change to use the new DtlsConnectorConfig.Builder.
=> It's ok. No surprise, as we already look at that together[2]
I also made the change to use the Request.getSenderIdentity().
=> It seems good :) this allow us to remove our "crappy" SecureEndpoint Class. But we have a blocking issue, we do not have access to the raw public key as a java.security.PublicKey Object [3].
=> There is also an indirect issue as we don't close the DTLS session anymore on deregister[4] and I believe the DTLS cleaning session issue is still opened [5].
[1]https://github.com/eclipse/leshan/tree/cf-integration
[2]https://bugs.eclipse.org/bugs/show_bug.cgi?id=464712
[3]https://github.com/eclipse/leshan/commit/55d9d668e99789f7864a0379f821f1c42734055c#diff-c98d9d5dd3ed316a597201928f23ed54R135
[4]https://github.com/eclipse/leshan/commit/55d9d668e99789f7864a0379f821f1c42734055c#diff-c98d9d5dd3ed316a597201928f23ed54L248
[5]https://github.com/eclipse/californium.scandium/commit/ef15043458acbbe4b82ac5b76ece72988e25263c#commitcomment-10238372
Le 22/04/2015 19:11, Kai a écrit :
Basically it is only the Request.getSenderIdentity() method in Californium wich can be used to acces the authenticated client's identity as a java.security.Principal. This way you do not need to retrieve the corresponding DTLSSession object from DTLSConnector
anymore ...
Simon Bernard <contact@xxxxxxxxxxxxxxx> schrieb am Mi., 22. Apr. 2015 12:05:
Kai, I take a look quickly and I don't find the code corresponding to the new API you talk about.
Could you give us a link ? I will look at that.
Le 22/04/2015 11:52, Hudalla Kai (INST/ESY) a écrit :
I would love to see leshan use the newly provided API in Cf’s Request to access the
authenticated client’s identity for making authorization decisions.
However, in order to so we would need to create a new milestone release of Scandium
and Californium as well (which I think we should do as well since I have made so many changes/improvements in Scandium).
Do think it would be worthwhile to take advantage of the new API?
Kai
A lot of buxfix landed in the master, I think it's time for another milestone release:
WDYT?
List of commits since last milestone:
* a9eae6a - (HEAD, origin/master, origin/HEAD, master) renamed methods because it's loading stream not files (il y a 6 minutes) <Julien Vermillard>
* e73facd - (origin/decode_tlv_one_instance, decode_tlv_one_instance) Decode TLV for one instance object request (il y a 16 heures) <Julien Vermillard>
* 49205f8 - don't shallow async response handling exceptions (il y a 18 heures) <Julien Vermillard>
* ef90727 - added object model for IPSO objects (il y a 6 jours) <Julien Vermillard>
* 688e743 - #8: fix bug (== instead of !=) (il y a 6 jours) <Simon Bernard>
* ce952b5 - Fix trace log (il y a 7 jours) <Manuel Sangoi>
* 29ac887 - Add some trace logs in the TLV decoder (il y a 7 jours) <Manuel Sangoi>
* 0419f1b - bug464043: Tests fail on Windows (il y a 8 jours) <Simon Bernard>
* ba70e4f - dump the TLV if a parse error occurs (il y a 8 jours) <Julien Vermillard>
* 0d9694f - avoid maven warnings by providing plugin version (il y a 2 semaines) <Alexander Ellwein>
* 348b530 - adjustments in import / export packages in pom.xml for osgi support (il y a 2 semaines) <ingo schaal>
* 1fd2cda - #8: Incorrect link objects are implicitly sent on update (il y a 4 semaines) <Simon Bernard>
* b409bea - add some checks on link object payload for register integration tests (il y a 4 semaines) <Simon Bernard>
* 19b0940 - add integration tests for discover (il y a 4 semaines) <Simon Bernard>
* 58d051d - fix registration and implement discover (without attributes) at client side. (il y a 4 semaines) <Simon Bernard>
* b32ac64 - ClientUpdate toString() (il y a 4 semaines) <Julien Vermillard>
* 64968dd - add API to be able to load model from stream (il y a 4 semaines) <Simon Bernard>
* 90c7e2a - Merge LinkFormatUtils in LinkObject (il y a 4 semaines) <Simon Bernard>
* 7a14736 - Remove the "close" of DTLS Session when register return FORBIDDEN (il y a 5 semaines) <Simon Bernard>
* 144beac - add Security Tests (Test RPK and PSK connection via DTLS) (il y a 5 semaines) <Simon Bernard>
* 834d61d - Refactor tests to prepare addition of SecurityTest (il y a 5 semaines) <Simon Bernard>
* 7d418e9 - restore RPK support (probably erased pending a previous merge) (il y a 5 semaines) <Simon Bernard>
* 439ecfd - add some TODOs (il y a 5 semaines) <Simon Bernard>
* 43c64fa - Move ResponseCallback from leshan-client-core to integration-tests (il y a 5 semaines) <Simon Bernard>
* bd5fec0 - Manage all exceptions in handleRequest (il y a 5 semaines) <Simon Bernard>
* 9969792 - always use free port for tests. (il y a 5 semaines) <Simon Bernard>
* a23e6a8 - fix java doc of LeshanClientExample (il y a 5 semaines) <Simon Bernard>
* d86fdc5 - LwM2mPath constructor accept now path which does not start by "/" (il y a 5 semaines) <Simon Bernard>
* b984fc5 - The client address setting is now optional. (il y a 5 semaines) <Simon Bernard>
* cf823de - fix licence and remove reference to
github.com/jvermillard (il y a 6 semaines) <Simon Bernard>
* 83a56aa - Remove unused dependencies (il y a 6 semaines) <Simon Bernard>
* 05202b2 - Remove LwM2MServerMessageDeliverer (Use default MessageDeliverer) (il y a 6 semaines) <Simon Bernard>
* adb154c - Split leshan-client in 2 projects (leshan-client-core/leshan-client-cf) (il y a 6 semaines) <Simon Bernard>
* d1e9ec5 - Always run integration tests (remove integration profile for tests) (il y a 6 semaines) <Simon Bernard>
* a326851 - New client API (il y a 6 semaines) <Simon Bernard>
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev
|