directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <aok...@bellsouth.net>
Subject Re: Access to LdapPrincipal constructor
Date Sat, 30 Apr 2005 03:02:04 GMT
Endi Sukma Dewata wrote:

> Hi,
>
>  
>
> I just found out that the access to LdapPrincipal constructor has been 
> restricted to the package only. This is a problem because any custom 
> Authenticator would need to create and return an LdapPrincipal object 
> in the authenticate() method. See the example under Custom Authenticator:
>
>  
>
> http://directory.apache.org/subprojects/apacheds/users/authentication.html.
>
>  
>
> Is there a specific example where making the constructor publicly 
> accessible would pose a security problem? Any suggestions on how to 
> resolve this? Thanks a lot.
>
Ahh yeah I thought I confronted this at some point.  I have to refresh 
myself.  Basically LdapPrincipal can only be created by the Auth service 
you are right.  This is for security reasons and the reason while we 
keep it package friendly.  I know I made some kind of changes to 
accommodate a way for your Authenticators to be ok with this.

Will post back in a bit....

Alex


Mime
View raw message