Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Modeling » EMF » [CDO] Access to password on the server
[CDO] Access to password on the server [message #966869] Thu, 01 November 2012 05:54 Go to next message
Jan Rosczak is currently offline Jan Rosczak
Messages: 35
Registered: July 2009
Location: Hamburg, Germany
Member
I need a way to access the user password on the CDO server and figured I could use some kind of public/private key magic to not transmit a plain password.

My problem is that on the server side I need to extend the SessionManager (override the authenticateUser method basically), but this is prohibited because SessionManager is an internal class.

I have not looked on the client side, maybe there exists a similar problem.

What can I do about it? I do not want do duplicate the SessionManager and Session classes just to be able to change the implementation of one method.

Thanks.
Re: [CDO] Access to password on the server [message #966884 is a reply to message #966869] Thu, 01 November 2012 06:05 Go to previous message
Eike Stepper is currently offline Eike Stepper
Messages: 5500
Registered: July 2009
Senior Member
Hi Jan,

The solution is a Diffie-Hellman based authentication protocol. I've implemented that a year ago for a customer who then
didn't want to pay for it. So it got never committed. Please contact me privately if you want to sponsor this
functionality on his behalf.

Cheers
/Eike

----
http://www.esc-net.de
http://thegordian.blogspot.com
http://twitter.com/eikestepper


Am 01.11.2012 10:54, schrieb Jan Rosczak:
> I need a way to access the user password on the CDO server and figured I could use some kind of public/private key
> magic to not transmit a plain password.
>
> My problem is that on the server side I need to extend the SessionManager (override the authenticateUser method
> basically), but this is prohibited because SessionManager is an internal class.
>
> I have not looked on the client side, maybe there exists a similar problem.
>
> What can I do about it? I do not want do duplicate the SessionManager and Session classes just to be able to change
> the implementation of one method.
>
> Thanks.
Previous Topic:Setting Value via FeaturePath
Next Topic:EMF Notification: how to not get our own modifications?
Goto Forum:
  


Current Time: Wed Aug 27 05:10:59 EDT 2014

Powered by FUDForum. Page generated in 0.16249 seconds