| [CDO] User auth with JVM connectors [message #1710754] |
Fri, 09 October 2015 01:42  |
 Thomas R.
Messages: 1
Registered: October 2015 |
Junior Member |
|
|
Hi!
we're using CDO in our OSGi container, to provide services inside that container with access to a model repository. To that end, we've wrapped the CDO API with our own, and created a bundle that programmatically starts a self-contained CDO server, with an embedded H2 data source, and a local JVM connector. The bundle acts as a client/server in one if you will. Other services call our wrapped repository api, which holds a single CDOSession.
Now we have problems storing author information in commits. As far as I understand it, CDO has its own authentication mechanism on both client and server side, which is handled by the net4j connectors.
Now my questions
* any suggestions on what the easiest way of getting author information into the commits in this UC would be?
* is it possible to use the authentication mechanism using JVM connectors?
* can the server-side authentication system be easily overridden? specifically i would like to plug in our own, which is based on shiro
Kind Regards
Thomas
|
|
|
| Re: [CDO] User auth with JVM connectors [message #1710928 is a reply to message #1710754] |
Sun, 11 October 2015 09:32  |
|
Am 09.10.2015 um 17:38 schrieb Thomas R.:
> Hi!
>
> we're using CDO in our OSGi container, to provide services inside that container with access to a model repository. To
> that end, we've wrapped the CDO API with our own, and created a bundle that programmatically starts a self-contained
> CDO server, with an embedded H2 data source, and a local JVM connector. The bundle acts as a client/server in one if
> you will. Other services call our wrapped repository api, which holds a single CDOSession.
>
> Now we have problems storing author information in commits. As far as I understand it, CDO has its own authentication
> mechanism on both client and server side, which is handled by the net4j connectors.
Net4j transport-level authentication still exists but CDO's newer authentication mechansim is better. For example it
makes the clear text password available on the server side (for use with LDAP or so).
To use CDO's own authentication you'd call:
1) IRepository.getSessionManager().setAuthenticator(...)
2) CDOSessionConfiguration.setCredentialsProvider(...)
Of course that wouldn't solve your problem if you have only one session for all users. The CDOTransaction API and the
commit protocol could be enhanced to let you override the session user on a per-commit basis.
>
> Now my questions
> * any suggestions on what the easiest way of getting author information into the commits in this UC would be?
Use CDOTransaction.setCommitComment(...).
> * is it possible to use the authentication mechanism using JVM connectors?
Yes, but not recommended with CDO (see above).
> * can the server-side authentication system be easily overridden?
Yes, but it would only ever authenticate the user of a session, not of a transaction/commit.
> specifically i would like to plug in our own, which is based on shiro
I never heard of that before.
Cheers
/Eike
----
http://www.esc-net.de
http://thegordian.blogspot.com
http://twitter.com/eikestepper
Cheers
/Eike
----
http://www.esc-net.de
http://thegordian.blogspot.com
http://twitter.com/eikestepper
|
|
|
Powered by
FUDForum. Page generated in 0.02967 seconds
] 
Search
Help
Register
Login
Home
