mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shawn Pearce <...@google.com>
Subject Re: symmetry of pluggable authentication classes?
Date Fri, 13 Nov 2009 15:00:23 GMT
On Fri, Oct 30, 2009 at 11:27, Daniel Kahn Gillmor
<dkg@fifthhorseman.net> wrote:
>  http://mina.apache.org/sshd/configuring-security.html
> Also, should either authenticator do anything with the ServerSession
> object passed in?  There does not seem to be any comment about that
> parameter in the interface file.

The ServerSession parameter is there so the authenticator can attach
session attributes via setAttribute(AttributeKey<T> key).  E.g. one of
my applications uses this to attach the application specific object
which represents a user and what they are permitted to access once the
session has been established.  This is later then available to the
CommandFactory, and can be given to any Command implementations it

But if all you care about is yes-allow/no-deny, the parameter doesn't
need to be used.

View raw message