directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gianmaria Clerici" <gcler...@bridgestream.com>
Subject ACL/ACI testing in 0.9.3
Date Tue, 31 Jan 2006 23:58:29 GMT
I have been testing some of the examples from AddAuthorizationTest,java
and I am not able to get them to work when I have an actual LDAP server
running.

 

The examples in AddAuthorizationTest.java will use the class
org.apache.ldap.server.jndi.CoreContextFactory as the
INITIAL_CONTEXT_FACTORY, and they seem to work fine.

 

But if I start my own LDAP server (with accessControlEnabled set to
true) and change AddAuthorizationTest.java to use
com.sun.jndi.ldap.LdapCtxFactory instead, the tests will fail when
trying to bind with:

javax.naming.NoPermissionException: [LDAP: error code 50 - Bind failed]

 

I wonder if they have never been tested with
com.sun.jndi.ldap.LdapCtxFactory.

 

I also have a question.

 

The way we would like to use ACL/ACI is to generate on the fly
accessControlSubentry (in our  custom partition), based on the
credentials. 
But, as we all know, only the search API will have a Map with the
environment (which includes the credentials info).

 

So it will be impossible to generate accessControlSubentry, based on the
credentials, for other very important API like modify and so on.

 

Any ideas on how to solve this problem ?

 

 

 

 

 


Mime
View raw message