activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Strachan" <james.strac...@gmail.com>
Subject Re: LDAP Authorization
Date Mon, 17 Jul 2006 07:30:09 GMT
Sounds great! I didn't see an attachment - I wonder it might be easier
if you raised a JIRA and attached your zip to the JIRA issue?

On 7/15/06, ngcutura <ngcutura@gmail.com> wrote:
>
> Hi all,
>
> I followed James' advice and created simple LDAPAuthorizationMap. It has no
> support for wildcards or composite destinations at the moment.
>
> Attached is a zip archive with 4 files:
> LdapAuth.zip
> - LDAPAuthorizationMap.java (module code)
> - LDAPAuthorizationMapTest.java (module test)
> - LDAPAuthorizationMap.properties (list of module properties)
> - AMQAuth.ldif (sample directory used for testing)
>
> Module works through JUnit tests. To run the tests you need to setup a
> directory. I used ApacheDS; export of my sample directory is in the file
> AMQAuth.ldif. Contents of this file is also present in
> LDAPAuthorizationMapTest.java.
>
> I am not familiar with Spring and I was not able to deduce how to specify
> module properties in AMQ XML config file. I need help with this and I would
> very much appreciate the following:
> - given the LDAPAuthorizationMap.properties file produce XML file
> - given the LDAPAuthorizationMap.java add code changes to accept properties
> from XML file above
>
> I am pretty much sure that my choice of constructor taking Map as argument
> is inappropraite but having no knowledge of Spring one choice was as good as
> another for me.
>
> Regards,
> NGC
>
> James.Strachan wrote:
> >
> > On 6/29/06, ngcutura <ngcutura@gmail.com> wrote:
> >>
> >> Thank you for reply.
> >>
> >> There is no <bean class="com.acme..." ... > in security example but this
> >> is
> >> quite important.
> >
> > Thats just a way to instantiate some JavaBean using regular Spring style
> > syntax.
> >
> >> Is there some default class like DefaultAuthorizationMap?
> >
> > Yes -  by all means derive from that if you want.
> >
> >> What would this declaration be exactly for the security example you
> >> referred
> >> to?
> >>
> >> I think I can manage AuthorizationEntry by subclassing it or adding
> >> another
> >> parse() method.
> >
> > You could ignore the DefaultAuthorizationMap/AuthorizationEntry
> > entirely and just walk JNDI/LDAP and create a set of GroupPrincipal
> > POJOs for each group for a given role & destination). It might be
> > simpler than trying to understand how the DefaultAuthorizationMap.
> >
> > Note that DefaultAuthorizationMap is essentially an in-memory cache of
> > the results; you probably want to look at JNDI/LDAP at runtime to
> > ensure up to date values.
> >
> >> I'll be on vacation next week but I'll continue with the work after the
> >> WC
> >> finals. ;-)
> >
> > Great! :)
> >
> > (Here's hoping England actually start playing football soon...  :-)
> >
> >
> > --
> >
> > James
> > -------
> > http://radio.weblogs.com/0112098/
> >
> >
> --
> View this message in context: http://www.nabble.com/LDAP-Authorization-tf1851705.html#a5344494
> Sent from the ActiveMQ - Dev forum at Nabble.com.
>
>


-- 

James
-------
http://radio.weblogs.com/0112098/

Mime
View raw message