directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <aok...@bellsouth.net>
Subject Re: Access to LdapPrincipal constructor
Date Tue, 03 May 2005 17:30:22 GMT
Endi Sukma Dewata wrote:

>Alex Karasulu wrote:
>
>  
>
>>Hmmmm.  So to create an LdapPrincipal all you need to do is extend it.
>>I should have made it final.  This sounds like the same security
>>problem.  But you are right we do need something temporary.  Making the
>>constructor public is the same thing.  WDYT should I do this just for now?
>>    
>>
>
>Actually what I meant is add the method in the AbstractAuthenticator.
>
>    protected LdapPrincipal createLdapPrincipal( String dn ) {
>        LdapName principalDn = new LdapName( dn );
>        return new LdapPrincipal( principalDn );
>    }
>
>This method would only be available to the subclasses of
>AbstractAuthenticator, i.e. the custom Authenticators.
>  
>
This is perfect!  Keeps things safe.  Good tip. 

>See the sample program for custom Authenticator:
>http://directory.apache.org/subprojects/apacheds/users/authentication.html
>
>The authenticate() method now can be implemented this way:
>
>    public LdapPrincipal authenticate( ServerContext ctx ) {
>        ...
>        return createLdapPrincipal( dn );
>    }
>
>This way you can keep LdapPrincipal final and private to the package, but
>the custom Authenticators can still use it.
>  
>
Excellent I will add this right now.

Alex


Mime
View raw message