Return-Path: Delivered-To: apmail-mina-dev-archive@www.apache.org Received: (qmail 93494 invoked from network); 13 Nov 2009 15:01:19 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 13 Nov 2009 15:01:19 -0000 Received: (qmail 86196 invoked by uid 500); 13 Nov 2009 15:01:19 -0000 Delivered-To: apmail-mina-dev-archive@mina.apache.org Received: (qmail 86116 invoked by uid 500); 13 Nov 2009 15:01:19 -0000 Mailing-List: contact dev-help@mina.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@mina.apache.org Delivered-To: mailing list dev@mina.apache.org Received: (qmail 86105 invoked by uid 99); 13 Nov 2009 15:01:19 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Nov 2009 15:01:19 +0000 X-ASF-Spam-Status: No, hits=-4.0 required=10.0 tests=RCVD_IN_DNSWL_MED,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of sop@google.com designates 216.239.45.13 as permitted sender) Received: from [216.239.45.13] (HELO smtp-out.google.com) (216.239.45.13) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Nov 2009 15:01:11 +0000 Received: from zps77.corp.google.com (zps77.corp.google.com [172.25.146.77]) by smtp-out.google.com with ESMTP id nADF0nkr020998 for ; Fri, 13 Nov 2009 07:00:49 -0800 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1258124449; bh=CRjoUgAA7MAXF8xjXOAZ6XLsCMs=; h=MIME-Version:In-Reply-To:References:From:Date:Message-ID:Subject: To:Content-Type:Content-Transfer-Encoding; b=sBCMRiJNK13tcDVIy8vXqWsaWE2ELf4j3708+5d2Vj8HAK8ucHdpEBo+/4VRAtnjD W56fQbgBGUuqQ2ynl6h1A== DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=mime-version:in-reply-to:references:from:date:message-id: subject:to:content-type:content-transfer-encoding:x-system-of-record; b=MNFhViblPEVSAjyR50sxP+1PvCZF8PSvgj8LxvIU1ZX+YAQ1AY+Q8r1cIw9cOZh4T dZgKJ33ZJl6M1gvnC8FmQ== Received: from yxe6 (yxe6.prod.google.com [10.190.2.6]) by zps77.corp.google.com with ESMTP id nADF0knd008238 for ; Fri, 13 Nov 2009 07:00:47 -0800 Received: by yxe6 with SMTP id 6so3176453yxe.13 for ; Fri, 13 Nov 2009 07:00:46 -0800 (PST) MIME-Version: 1.0 Received: by 10.150.32.1 with SMTP id f1mr8082875ybf.96.1258124443089; Fri, 13 Nov 2009 07:00:43 -0800 (PST) In-Reply-To: <4AEB3E2A.8070906@fifthhorseman.net> References: <4AEB3E2A.8070906@fifthhorseman.net> From: Shawn Pearce Date: Fri, 13 Nov 2009 07:00:23 -0800 Message-ID: <1cc472780911130700j200442dr692825f67eedbc90@mail.gmail.com> Subject: Re: symmetry of pluggable authentication classes? To: dev@mina.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-System-Of-Record: true X-Virus-Checked: Checked by ClamAV on apache.org On Fri, Oct 30, 2009 at 11:27, Daniel Kahn Gillmor wrote: > > =A0http://mina.apache.org/sshd/configuring-security.html > > Also, should either authenticator do anything with the ServerSession > object passed in? =A0There does not seem to be any comment about that > parameter in the interface file. The ServerSession parameter is there so the authenticator can attach session attributes via setAttribute(AttributeKey key). E.g. one of my applications uses this to attach the application specific object which represents a user and what they are permitted to access once the session has been established. This is later then available to the CommandFactory, and can be given to any Command implementations it constructs. But if all you care about is yes-allow/no-deny, the parameter doesn't need to be used.