Return-Path: 
 <continuum-dev-return-5762-apmail-maven-continuum-dev-archive=maven.apache.org@maven.apache.org>
Delivered-To: apmail-maven-continuum-dev-archive@www.apache.org
Received: (qmail 81946 invoked from network); 27 Feb 2007 15:09:45 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 27 Feb 2007 15:09:45 -0000
Received: (qmail 75235 invoked by uid 500); 27 Feb 2007 15:09:53 -0000
Delivered-To: apmail-maven-continuum-dev-archive@maven.apache.org
Received: (qmail 75209 invoked by uid 500); 27 Feb 2007 15:09:53 -0000
Mailing-List: contact continuum-dev-help@maven.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:continuum-dev-help@maven.apache.org>
List-Unsubscribe: <mailto:continuum-dev-unsubscribe@maven.apache.org>
List-Post: <mailto:continuum-dev@maven.apache.org>
List-Id: <continuum-dev.maven.apache.org>
Reply-To: continuum-dev@maven.apache.org
Delivered-To: mailing list continuum-dev@maven.apache.org
Received: (qmail 75198 invoked by uid 99); 27 Feb 2007 15:09:53 -0000
Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Feb 2007 07:09:53 -0800
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=
X-Spam-Check-By: apache.org
Received-SPF: pass (herse.apache.org: local policy)
Received: from [212.79.178.30] (HELO ikarus.tarent.de) (212.79.178.30)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Feb 2007 07:09:41 -0800
Received: from localhost (localhost [127.0.0.1])
	by ikarus.tarent.de (Postfix) with ESMTP id 91EAA7F54D3
	for <continuum-dev@maven.apache.org>; Tue, 27 Feb 2007 16:09:14 +0100 (CET)
Received: from ikarus.tarent.de ([127.0.0.1])
	by localhost (ikarus.tarent.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 29336-05 for <continuum-dev@maven.apache.org>;
	Tue, 27 Feb 2007 16:09:04 +0100 (CET)
Received: from [192.168.165.160] (unknown [192.168.165.160])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ikarus.tarent.de (Postfix) with ESMTP id 74B527F471C
	for <continuum-dev@maven.apache.org>; Tue, 27 Feb 2007 16:09:02 +0100 (CET)
Message-ID: <45E44998.5060300@tarent.de>
Date: Tue, 27 Feb 2007 16:09:12 +0100
From: David Goemans <d.goemans@tarent.de>
User-Agent: Thunderbird 1.5.0.9 (X11/20070104)
MIME-Version: 1.0
To: continuum-dev@maven.apache.org
Subject: Using LDAP for authentication
X-Enigmail-Version: 0.94.0.0
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: Auf Viren geprueft auf tarent.de
X-Virus-Checked: Checked by ClamAV on apache.org

Hi,

I want to use LDAP to authenticate on Continuum. I tried to write a own
RBAC-Manager and wanted to configure it in the file "components.xml" of
the subproject continuum-security as follow:

<!-- RBAC Manager, cached ldap -->
<component>
<role>org.codehaus.plexus.security.rbac.RBACManager</role>
<role-hint>cached</role-hint>
<implementation>org.codehaus.plexus.security.authorization.rbac.store.cached.CachedRbacManager</implementation>
<description>CachedRbacManager is a wrapped RBACManager with
caching.</description>
<requirements>
<requirement>
	<role>org.codehaus.plexus.security.rbac.RBACManager</role>
	<role-hint>ldap</role-hint>
	<field-name>rbacImpl</field-name>
</requirement>
<requirement>
	<role>org.codehaus.plexus.ehcache.EhcacheComponent</role>
	<role-hint>operations</role-hint>
	<field-name>operationsCache</field-name>
</requirement>
<requirement>
	<role>org.codehaus.plexus.ehcache.EhcacheComponent</role>
	<role-hint>permissions</role-hint>
	<field-name>permissionsCache</field-name>
</requirement>
<requirement>
	<role>org.codehaus.plexus.ehcache.EhcacheComponent</role>
	<role-hint>resources</role-hint>
	<field-name>resourcesCache</field-name>
</requirement>
<requirement>
	<role>org.codehaus.plexus.ehcache.EhcacheComponent</role>
	<role-hint>roles</role-hint>
	<field-name>rolesCache</field-name>
</requirement>
<requirement>
	<role>org.codehaus.plexus.ehcache.EhcacheComponent</role>
	<role-hint>userAssignments</role-hint>
	<field-name>userAssignmentsCache</field-name>
</requirement>
<requirement>
	<role>org.codehaus.plexus.ehcache.EhcacheComponent</role>
	<role-hint>userPermissions</role-hint>
	<field-name>userPermissionsCache</field-name>
</requirement>
</requirements>
</component>

<component>
      <role>org.codehaus.plexus.security.rbac.RBACManager</role>
      <role-hint>ldap</role-hint>
      <implementation>"my implementation"</implementation>
      <description>JdoRbacManager:</description>
      <requirements>
        <requirement>        	
	  <role>
       org.codehaus.plexus.security.authorization.rbac.store.jdo.JdoTool
	  </role>
          <field-name>jdo</field-name>
        </requirement>
      </requirements>
</component>
<component>   	
 	<role>
       org.codehaus.plexus.security.authorization.rbac.store.jdo.JdoTool
        </role>  		              	
        <implementation>
       org.codehaus.plexus.security.authorization.rbac.store.jdo.JdoTool
        </implementation>
        <description>JdoTool - RBAC JDO Tools.</description>
        <requirements>
        	<requirement>
          		<role>org.codehaus.plexus.jdo.JdoFactory</role>
          		<role-hint>users</role-hint>
          		<field-name>jdoFactory</field-name>
        	</requirement>
      </requirements>
</component>

The continuum uses now my implementation, but no roles, permissions, etc
are defined. How can I configure the continuum roles, permissions, etc
in the components.xml-file.

My implementation extends the 	
"org.codehaus.plexus.security.authorization.rbac.store.jdo.JdoRbacManager",
  because I only want to authenticate on LDAP if the user isn't saved in
the Database.

greetz
  David