Difference between revisions of "CDO/Net4j Authentication"

From Eclipsepedia

< CDO
Jump to: navigation, search
(IManagedContainer-Setup)
(IManagedContainer-Setup)
Line 38: Line 38:
  
 
   static {
 
   static {
     IPluginContainer.INSTANCE.addPostProcessor(new AuthElementProcessor("tom","myverysecretpassword") { /* concrete impl see below */ })
+
     IPluginContainer.INSTANCE.addPostProcessor(new AuthElementProcessor(new PasswordCredentials("tom","blabla".toCharArray()))); // Implementation see below
 
   }
 
   }
  
Line 44: Line 44:
  
 
   private static class AuthElementProcessor implements IElementProcessor {
 
   private static class AuthElementProcessor implements IElementProcessor {
     private String username;
+
     private IPasswordCredentials credentials;
    private String password;
+
      public AuthElementProcessor(IPasswordCredentials credentials) {
   
+
        this.credentials = credentials;
    public AuthElementProcessor(String username, String password) {
+
       }
      this.username = username;
+
 
       this.password = password;
+
    }
+
   
+
 
     public Object process(IManagedContainer container,
 
     public Object process(IManagedContainer container,
                          String productGroup, String factoryType,
+
                            String productGroup, String factoryType,
                          String description, Object element) {
+
                            String description, Object element) {
 
       if( element instanceof InternalConnector ) {
 
       if( element instanceof InternalConnector ) {
 
         ResponseNegotiator rn = new ResponseNegotiator();
 
         ResponseNegotiator rn = new ResponseNegotiator();
 
         ((InternalConnector)element).getConfig().setNegotiator(rn);
 
         ((InternalConnector)element).getConfig().setNegotiator(rn);
 
       }
 
       }
     
+
 
 
       return element;
 
       return element;
 
     }
 
     }
Line 68: Line 65:
 
   if( element instanceof InternalConnector ) {
 
   if( element instanceof InternalConnector ) {
 
     ResponseNegotiator rn = new ResponseNegotiator();
 
     ResponseNegotiator rn = new ResponseNegotiator();
     PasswordCredentialsProvider pw = new PasswordCredentialsProvider(new PasswordCredentials(username,password.toCharArray()));
+
     PasswordCredentialsProvider pw = new PasswordCredentialsProvider(credentials);
 
     rn.setCredentialsProvider(pw);
 
     rn.setCredentialsProvider(pw);
 
     ((InternalConnector)element).getConfig().setNegotiator(rn);
 
     ((InternalConnector)element).getConfig().setNegotiator(rn);

Revision as of 05:04, 3 October 2008

In most enterprise application a user has to authenticate against the webserver, CDO application are not different in this aspect. So naturally CDO and Net4J provide a possibility to authenticate. The source code shown in this section is part of a big example project exploiting RCP+EMF+Databinding features.

Contents

Server

Server configuration with cdo-server.xml

Property-File based Authentication

If you are configuring your server using cdo-server.xml and providing authentication against a simple text file is as simple as uncommenting the following lines:

<acceptor type="tcp" listenAddr="0.0.0.0" port="2036">
  <negotiator type="challenge" description="/tmp/users.db"/>
</acceptor>

The value is the path to the user/password-File the authentication is done against. In this simple case the file is a Property-File and looks like this:

tom=myverysecretpassword

Client

IManagedContainer-Setup

The standard code to retrieve the session in an IManagedContainer looks like this:

 public CDOSessionProvider {
   public CDOSession openSession(String id, String host, String port) {
     IConnector connector = TCPUtil.getConnector(IPluginContainer.INSTANCE, host + ":" + port );
     CDOSessionConfiguration configuration = CDOUtil.createSessionConfiguration();
     configuration.setConnector(connector);
     configuration.setRepositoryName(id);
   
     return configuration.openSession();
   }
 }

And use it in our code like this:

 CDOSessionProvider pv = new CDOSessionProvider();
 pv.openSession("MyRep","localhost","2036");

The authentication negotiation has to be configured before the connection to the server is establish which happens here in the TCPUtil.getConnector()-method. So we somehow have to configure the system in between the call.

The first thing we need to do is to register a PostProcessor for the IPluginContainer.INSTANCE. This has to done only once for a IManagedContainer so the best part is a static block in the CDOSessionProvider.

  static {
    IPluginContainer.INSTANCE.addPostProcessor(new AuthElementProcessor(new PasswordCredentials("tom","blabla".toCharArray()))); // Implementation see below
  }

This ensures that we can enhance the configured connector and attach a so called INegotiator (in our case a special implementation for challenge/response based negotiation, see wikipedia, is available). The implementation to make this happen looks like this:

 private static class AuthElementProcessor implements IElementProcessor {
   private IPasswordCredentials credentials;
     public AuthElementProcessor(IPasswordCredentials credentials) {
       this.credentials = credentials;
     }
 
   public Object process(IManagedContainer container,
                           String productGroup, String factoryType,
                           String description, Object element) {
     if( element instanceof InternalConnector ) {
       ResponseNegotiator rn = new ResponseNegotiator();
       ((InternalConnector)element).getConfig().setNegotiator(rn);
     }
 
     return element;
   }
 }

The last step is to configure the ResponseNegotiator and provide PasswordCredentials for it used to do the real authentication.

 if( element instanceof InternalConnector ) {
   ResponseNegotiator rn = new ResponseNegotiator();
   PasswordCredentialsProvider pw = new PasswordCredentialsProvider(credentials);
   rn.setCredentialsProvider(pw);
   ((InternalConnector)element).getConfig().setNegotiator(rn);
 }

Now your client authenticates against your CDO-Server and you'll receive a "org.eclipse.net4j.connector.ConnectorException" if you try to access the session informations.