mina-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hunter McMillen <mcmil...@gmail.com>
Subject Re: User authentication
Date Wed, 07 Aug 2013 19:23:00 GMT
So that is actually the solution we had before, but the state machine 
was in an authentication filter, we had a lot of trouble transitioning 
from "ok now I am done authenticating, I want to be in my IoHandler now"

Hunter
On 8/7/2013 3:03 PM, Jon wrote:
> So just implement some sort if authentication using the state machine and a database
record lookup.
>
> Sent from my iPhone
>
> On Aug 7, 2013, at 2:11 PM, Hunter McMillen <mcmillhj@gmail.com> wrote:
>
>> I misunderstood what you were asking, yes we have an abstract Command class that
has derivatives for all of the commands that a user could enter.
>>
>> Hunter
>> On 8/7/2013 1:13 PM, Jon wrote:
>>> You must be building some sort of communication format for it.
>>>
>>> Sent from my iPhone
>>>
>>> On Aug 7, 2013, at 1:06 PM, Hunter McMillen <mcmillhj@gmail.com> wrote:
>>>
>>>> We're not really implementing a protocol, we are just trying to make a text-based
game that will seamlessly support hundreds to thousands of users at a time.
>>>>
>>>> Hunter
>>>> On 8/7/2013 12:02 PM, Jon wrote:
>>>>> This is more of a protocol implementation than a networking question.
 What kind of protocol are you implementing.
>>>>>
>>>>> Sent from my iPhone
>>>>>
>>>>> On Aug 7, 2013, at 11:34 AM, Hunter McMillen <mcmillhj@gmail.com>
wrote:
>>>>>
>>>>>> We actually won't need anything as complex as LDAP, just a simple
DB hash + salt lookup.
>>>>>>
>>>>>> Hunter
>>>>>> On 8/7/2013 10:26 AM, Emmanuel Lécharny wrote:
>>>>>>> Le 8/7/13 4:11 PM, Hunter McMillen a écrit :
>>>>>>>> What are the common ways to authenticate users using Mina?
>>>>>>>>
>>>>>>>> The first attempt I made was using a state machine, but I
had problems
>>>>>>>> integrating that with an IoHandler.
>>>>>>>>
>>>>>>>> In retrospect, the state machine seems like overkill; so
I was hoping
>>>>>>>> to get ideas for other ways to authenticate users, or maybe
a link to
>>>>>>>> an application that does some authentication.
>>>>>>>>
>>>>>>>> would it be terrible to do something like this?
>>>>>>>>
>>>>>>>> public void sessionCreated(IoSession session) {
>>>>>>>>      authenticateUser()  // < ----- Good idea? Bad Idea?
Run in a
>>>>>>>> separate thread?
>>>>>>>> }
>>>>>>> Depends...
>>>>>>>
>>>>>>> let's see how it works with LDAP :
>>>>>>>
>>>>>>> - the user can connect on the server (and the sessionCreated
event is
>>>>>>> handled), but the user will not be authentified at this point.
>>>>>>>
>>>>>>> - in order to authenticate the user, we need to know about the
user.
>>>>>>> Just having his IP address is certainly not good enough (it's
easy to
>>>>>>> spoof it), so we expect the client to sent some credentials in
the first
>>>>>>> dedicated message. In LDAP this is done through a BindRequest.
Anyway,
>>>>>>> as you require the user to send you some data, you have to process
them
>>>>>>> by handling the messageReceived event.
>>>>>>>
>>>>>>>
>>>>>>> Last, not least : what about a separate thread ?
>>>>>>>
>>>>>>> That's a good question. The answer, again is "it depends". If
it takes
>>>>>>> seconds to authenticat a user, because you have to send the auth
request
>>>>>>> to a remote server, then having a separate thread for that sounds
smart.
>>>>>>> Most of the time, the authent will take a few ms, and will be
done quite
>>>>>>> rarely, so it's enough to execute this code in the same thread.
>>>>>>>
>>>>>>> Hope it helps.


Mime
View raw message