activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ngcutura <ngcut...@gmail.com>
Subject Re: LDAP Authorization
Date Mon, 17 Jul 2006 12:07:55 GMT


James.Strachan wrote:
> 
>> Sounds great! I didn't see an attachment - I wonder it might be easier
>> if you raised a JIRA and attached your zip to the JIRA issue?
> 
> 
> Attachment is hyperlinked below sentnece "Attached is a zip archive with 4
> files:" in original post.
> ("LdapAuth.zip" is hyperlinked; clicking this link opens file download.)
> 
> I saw an entry in JIRA "AMQ-376". Would this be appropriate or another one
> is required?
> Can I create entry in JIRA as unprivileged user? I didn't try, to be
> honest, I thought that someone from the development team is authorized to
> manage entries in JIRA. :-)
> 
> Regards,
> NGC
> 
> On 7/15/06, ngcutura <ngcutura@gmail.com> wrote:
>>
>> Hi all,
>>
>> I followed James' advice and created simple LDAPAuthorizationMap. It has
>> no
>> support for wildcards or composite destinations at the moment.
>>
>> Attached is a zip archive with 4 files:
>> LdapAuth.zip
>> - LDAPAuthorizationMap.java (module code)
>> - LDAPAuthorizationMapTest.java (module test)
>> - LDAPAuthorizationMap.properties (list of module properties)
>> - AMQAuth.ldif (sample directory used for testing)
>>
>> Module works through JUnit tests. To run the tests you need to setup a
>> directory. I used ApacheDS; export of my sample directory is in the file
>> AMQAuth.ldif. Contents of this file is also present in
>> LDAPAuthorizationMapTest.java.
>>
>> I am not familiar with Spring and I was not able to deduce how to specify
>> module properties in AMQ XML config file. I need help with this and I
>> would
>> very much appreciate the following:
>> - given the LDAPAuthorizationMap.properties file produce XML file
>> - given the LDAPAuthorizationMap.java add code changes to accept
>> properties
>> from XML file above
>>
>> I am pretty much sure that my choice of constructor taking Map as
>> argument
>> is inappropraite but having no knowledge of Spring one choice was as good
>> as
>> another for me.
>>
>> Regards,
>> NGC
>>
>> James.Strachan wrote:
>> >
>> > On 6/29/06, ngcutura <ngcutura@gmail.com> wrote:
>> >>
>> >> Thank you for reply.
>> >>
>> >> There is no <bean class="com.acme..." ... > in security example but
>> this
>> >> is
>> >> quite important.
>> >
>> > Thats just a way to instantiate some JavaBean using regular Spring
>> style
>> > syntax.
>> >
>> >> Is there some default class like DefaultAuthorizationMap?
>> >
>> > Yes -  by all means derive from that if you want.
>> >
>> >> What would this declaration be exactly for the security example you
>> >> referred
>> >> to?
>> >>
>> >> I think I can manage AuthorizationEntry by subclassing it or adding
>> >> another
>> >> parse() method.
>> >
>> > You could ignore the DefaultAuthorizationMap/AuthorizationEntry
>> > entirely and just walk JNDI/LDAP and create a set of GroupPrincipal
>> > POJOs for each group for a given role & destination). It might be
>> > simpler than trying to understand how the DefaultAuthorizationMap.
>> >
>> > Note that DefaultAuthorizationMap is essentially an in-memory cache of
>> > the results; you probably want to look at JNDI/LDAP at runtime to
>> > ensure up to date values.
>> >
>> >> I'll be on vacation next week but I'll continue with the work after
>> the
>> >> WC
>> >> finals. ;-)
>> >
>> > Great! :)
>> >
>> > (Here's hoping England actually start playing football soon...  :-)
>> >
>> >
>> > --
>> >
>> > James
>> > -------
>> > http://radio.weblogs.com/0112098/
>> >
>> >
>> --
>> View this message in context:
>> http://www.nabble.com/LDAP-Authorization-tf1851705.html#a5344494
>> Sent from the ActiveMQ - Dev forum at Nabble.com.
>>
>>
> 
> 
> -- 
> 
> James
> -------
> http://radio.weblogs.com/0112098/
> 
> 
-- 
View this message in context: http://www.nabble.com/LDAP-Authorization-tf1851705.html#a5359733
Sent from the ActiveMQ - Dev forum at Nabble.com.


Mime
View raw message