directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Endi Sukma Dewata" <end...@vergenet.com>
Subject RE: Access to LdapPrincipal constructor
Date Tue, 03 May 2005 16:26:33 GMT

Alex Karasulu wrote:

> Hmmmm.  So to create an LdapPrincipal all you need to do is extend it.
> I should have made it final.  This sounds like the same security
> problem.  But you are right we do need something temporary.  Making the
> constructor public is the same thing.  WDYT should I do this just for now?

Actually what I meant is add the method in the AbstractAuthenticator.

    protected LdapPrincipal createLdapPrincipal( String dn ) {
        LdapName principalDn = new LdapName( dn );
        return new LdapPrincipal( principalDn );
    }

This method would only be available to the subclasses of
AbstractAuthenticator, i.e. the custom Authenticators.

See the sample program for custom Authenticator:
http://directory.apache.org/subprojects/apacheds/users/authentication.html

The authenticate() method now can be implemented this way:

    public LdapPrincipal authenticate( ServerContext ctx ) {
        ...
        return createLdapPrincipal( dn );
    }

This way you can keep LdapPrincipal final and private to the package, but
the custom Authenticators can still use it.

--
Endi S. Dewata


Mime
View raw message