Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[ecf-dev] authentication and file transfer API

Hi Folks,

As of last night, I have the ECF file transfer API provider implemented using apache httpclient 3.0.1. For those that want to run it/try it out see the test code in org.eclipse.ecf.test.filetransfer, FileTransferRetrieveTest Junit plugin test. I will be doing more test and example code soon. If you can write some test code and contribute please do so.

But now I would like to introduce http authentication and proxy support. The question is, what sort of interface do we want to expose through the file transfer API for authentication and proxy support? Another way to put this is...what sort of interface is desired?

Taking just authentication for the moment...I'll address proxy support in another email.

I've thought of a couple of ways to expose authentication callbacks via the ECF container and filetransfer API:

1) IContainer.connect(ID,IConnectContext) already supports authentication callbacks via the IConnectContext parameter. We could simply require that callers use this existing IConnectContext callback interface prior to the actual file retrieve request for file transfers that require authentication. 2) Add new API/interface(s) for setting the authentication info on IRetrieveFileTransferContainerAdapter 3) Use the options (3rd) parameter in IRetrieveFileTransferContainerAdapter.sendRetrieveRequest
4) Expose some other interface that I haven't thought of

At the moment, I'm inclined to suggest/use 1, as it's already a generic authentication callback interface (essentially the same as JAAS authentication). This would mean that the file transfer provider implementations would have to store the IConnectContext callbacks passed in via IContainer.connect(), and then use them appropriately when the sendRetrieveRequest is actually made.

Note that if we go this route (using the IConnectContext for authentication for both connection-oriented AND connectionless types of communication), that this can/could be used for authentication for any/all extension interfaces (file transfer, bb api, as well as presence, others).

So do people have opinions/views on this?



Back to the top