directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <>
Subject Re: [TRIPLESEC] I could use some help with the recent changes in bootstrap schema processing
Date Tue, 16 Jan 2007 14:10:28 GMT
David Jencks wrote:
> A while back I moved the sandbox triplesec branches to directory trunk 
> because I couldn't get anything to work using released versions but 
> could against trunk.  However with the recent changes to bootstrap 
> schema processing I strongly suspect that everything broke.  I managed 
> to get some of the tests to compile but I don't trust the code I came up 
> with.  If someone (Alex) could take a look at one of these tests I'd 
> appreciate it.

What I will do is go into the trunks today and fix triplesec.  I'm on 
and off site today though so bear with me.


> All my recent work has been in sandbox/triplesec-jacc2; 
> sandbox/triplesec-jacc is primarily a monument to my newby mistakes.
> The best examples are probably the tests in triplesec-store.
> BTW I got annoyed at the code in admin-api and wrote something that's 
> sort of a object-ldap mapping framework inspired by (my poor 
> understanding of) jdo/jpa.  It doesn't do enhancement or read metadata 
> from xml so you have to write java code to install that, but the 
> persistence stuff is then pretty automatic.  I'm sure there are parts I 
> forgot plus plenty of bugs, but it seems to deal ok with:
> -"pojos" that correspond to subcontexts/entries in ldap with single and 
> multivalued attributes.
> -collections that correspond to children of an entry, such as the 
> permissions under an application.  These can be separated by e.g. an 
> ou=permissions (or anything else that is single-valued and not mapped). 
> These are modeled as maps with the key being the dn component.
> -collections that correspond to multivalued attributes where the values 
> are keys into a "child map" as just described.  Again these are modeled 
> as maps.  An example in triplesec is the grants/denials for a role, 
> these are multivalued attributes where the values are the permission ids 
> for the actual permission under the application.
> To confuse the issue this code is in admin-api2 whereas the original is 
> in admin-api and only admin-api2 is compiled at the moment.
> thanks
> david jencks

View raw message