directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Endi Sukma Dewata" <end...@vergenet.com>
Subject AbstractAuthenticator.createLdapPrincipal()
Date Mon, 17 Oct 2005 18:57:13 GMT
Hi,

I just updated the latest code and noticed that the createLdapPrincipal()
method in the AbstractAuthenticator class has been commented out because
it's not used anywhere in the ApacheDS code. This method is actually needed
by custom authenticators. See rev. #167943 and
http://wiki.apache.org/directory/ApacheDirectoryServer.

Upon a successful authentication, an authenticator needs to return an
instance of LdapPrincipal. However, the LdapPrincipal class only has 2
constructors which aren't accessible outside the o.a.l.s.authn package. So,
to circumvent this restriction, custom authenticators must call the
createLdapPrincipal() provided by the AbstractAuthenticator.

In my opinion, restricting the LdapPrincipal constructors like now is
unnecessary. If the purpose is to protect from malicious code, it won't work
because someone can just create a subclass of AbstractAuthenticator and
provide arbitrary access to createLdapPrincipal(). A constructor should be
protected only if we want to control the instance creation programmatically,
but not to create a "sandbox". I think we should restore public access to
the LdapPrincipal constructors and implement policy permissions or security
manager.

Any comments would be greatly appreciated. Thanks.


--
Endi S. Dewata



Mime
View raw message