Difference between revisions of "CDO/Net4j Authentication"

From Eclipsepedia

< CDO
Jump to: navigation, search
(New page: In most enterprise application a user has to authentificate against the webserver, CDO application are not different in this aspect. So naturally CDO and Net4J provide a possibility to aut...)
 
(IManagedContainer-Setup)
Line 15: Line 15:
 
==Client==
 
==Client==
 
===IManagedContainer-Setup===
 
===IManagedContainer-Setup===
 +
The standard code to retrieve the session in an IManagedContainer looks like this:
 +
 +
  public CDOSession openSession(String id, String host, String port) {
 +
    IConnector connector = TCPUtil.getConnector(IPluginContainer.INSTANCE, host + ":" + port );
 +
    CDOSessionConfiguration configuration = CDOUtil.createSessionConfiguration();
 +
    configuration.setConnector(connector);
 +
    configuration.setRepositoryName(id);
 +
   
 +
    return configuration.openSession();
 +
  }
 +
 +
The authentification negotion has to be configured before the connection to the server is establish which happens here in the TCPUtil.getConnector()-method. So we somehow have to configure the system in between the call.
 +
 +
The first thing we need to do is to register a PostProcessor for the IPluginContainer.INSTANCE like this:
 +
 +
  public CDOSession openSession(String id, String host, String port) {
 +
    IPluginContainer.INSTANCE.addPostProcessor(new IElementProcessor() { /* concrete impl see below */ })
 +
  }
 +
 +
This ensures that we can enhance the configured connector and attach a so called INegotiator (in our case a special implementation for responses is available). The implementation to make this happen looks like this:
 +
 +
  private class AuthElementProcessor implements IElementProcessor {
 +
    private String username;
 +
    private String password;
 +
   
 +
    public AuthElementProcessor(String username, String password) {
 +
      this.username = username;
 +
      this.password = password;
 +
    }
 +
   
 +
    public Object process(IManagedContainer container,
 +
                          String productGroup, String factoryType,
 +
                          String description, Object element) {
 +
      if( element instanceof InternalConnector ) {
 +
        ResponseNegotiator rn = new ResponseNegotiator();
 +
        ((InternalConnector)element).getConfig().setNegotiator(rn);
 +
      }
 +
     
 +
      return element;
 +
    }
 +
  }
 +
 +
The last step is to configure a the ResponseNegotiator and provide PasswordCredentials for it used to do the real authentification.
 +
 +
  if( element instanceof InternalConnector ) {
 +
    ResponseNegotiator rn = new ResponseNegotiator();
 +
    PasswordCredentialsProvider pw = new PasswordCredentialsProvider(new PasswordCredentials(username,password.toCharArray()));
 +
    rn.setCredentialsProvider(pw);
 +
    ((InternalConnector)element).getConfig().setNegotiator(rn);
 +
  }
 +
 +
Now your client authentificates against your CDO-Server and you'll receive a "org.eclipse.net4j.connector.ConnectorException" if you try to access the session informations.

Revision as of 06:59, 2 October 2008

In most enterprise application a user has to authentificate against the webserver, CDO application are not different in this aspect. So naturally CDO and Net4J provide a possibility to authentificate.

Contents

Server

Server configuration

If you are configuring your server using cdo-server.xml and providing authentification against a simple text file is as simple as uncommenting the following lines:

<acceptor type="tcp" listenAddr="0.0.0.0" port="2036">
  <negotiator type="challenge" description="/tmp/users.db"/>
</acceptor>

The value is the path to the user/password-File the authentification is done against. In this simple case the file is a Property-File and looks like this:

tom=myverysecretpassword

Client

IManagedContainer-Setup

The standard code to retrieve the session in an IManagedContainer looks like this:

 public CDOSession openSession(String id, String host, String port) {
   IConnector connector = TCPUtil.getConnector(IPluginContainer.INSTANCE, host + ":" + port );
   CDOSessionConfiguration configuration = CDOUtil.createSessionConfiguration();
   configuration.setConnector(connector);
   configuration.setRepositoryName(id);
   
   return configuration.openSession();
 }

The authentification negotion has to be configured before the connection to the server is establish which happens here in the TCPUtil.getConnector()-method. So we somehow have to configure the system in between the call.

The first thing we need to do is to register a PostProcessor for the IPluginContainer.INSTANCE like this:

  public CDOSession openSession(String id, String host, String port) {
    IPluginContainer.INSTANCE.addPostProcessor(new IElementProcessor() { /* concrete impl see below */ })
  }

This ensures that we can enhance the configured connector and attach a so called INegotiator (in our case a special implementation for responses is available). The implementation to make this happen looks like this:

 private class AuthElementProcessor implements IElementProcessor {
   private String username;
   private String password;
   
   public AuthElementProcessor(String username, String password) {
     this.username = username;
     this.password = password;
   }
   
   public Object process(IManagedContainer container,
                          String productGroup, String factoryType,
                          String description, Object element) {
     if( element instanceof InternalConnector ) {
       ResponseNegotiator rn = new ResponseNegotiator();
       ((InternalConnector)element).getConfig().setNegotiator(rn);
     }
     
     return element;
   }
 }

The last step is to configure a the ResponseNegotiator and provide PasswordCredentials for it used to do the real authentification.

 if( element instanceof InternalConnector ) {
   ResponseNegotiator rn = new ResponseNegotiator();
   PasswordCredentialsProvider pw = new PasswordCredentialsProvider(new PasswordCredentials(username,password.toCharArray()));
   rn.setCredentialsProvider(pw);
   ((InternalConnector)element).getConfig().setNegotiator(rn);
 }

Now your client authentificates against your CDO-Server and you'll receive a "org.eclipse.net4j.connector.ConnectorException" if you try to access the session informations.