Minor Description
Currently the UserManager interface has the authenticate method defined as follows:
User authenticate(Authentication authentication)
throws AuthenticationFailedException;
I'm wondering if it would be of any benefit to change it to:
User authenticate(Authentication authentication, FtpSession session)
throws AuthenticationFailedException;
The reason(s) behind this -
I want to log a message when the login fails. The login could fail to due to a number of reasons - such as Account is disabled, password has expired and so on. Since I do not have the session information available from this interface, I'm not able to log all the information that I normally do - such as the session ID, remote address and so on. I know I can log this information from onLogin() method of an Ftplet, but then I would not have any information on why the login has actually failed. All I've is - 530 Authentication Failed reply.
Another benefit would be if I want to implement my user manager based on user name and IP address. For example let User1 login if and only if he is connecting from IP address xxx.xxx.xxx.xxx. Not sure if any one does this kind of authentication, but in case if some one want to, this change should help.
More info about this feature request can be found in the thread - http://www.mail-archive.com/dev@mina.apache.org/msg12942.html.