directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@gmail.com>
Subject Re: [LDAP] Merging server-ssl with protocol-ldap
Date Sat, 10 Mar 2007 08:42:54 GMT
Enrique Rodriguez a écrit :

>
> OK, I moved the ITest for SSL to server-unit, the SSL code to
> protocol-ldap, deleted server-ssl, and I touched up everything to make
> the branch build again.

Great !

>
> The more I see how ITests are being aggregated in server-unit, the
> more it makes sense to me.  I'll put my SASL ITest there, as well.  I
> wrote some new Start TLS integration tests, as well, to test
> downgrading and the combined Start TLS + SASL.

ATM, we use ITest embedding ADS and running tests. This allow us to be 
sure that we have a working server, without having to launch a server 
beside. At some point, it may be overkilling, because it takes a hell of 
time (15 mins on my computer), but we can live with it right now.

>
> My SASL code is now committed, except for my integration tests (which
> require a running server).  I'll update them to use AbstractServerTest
> and get that committed shortly.  I also still have my own Start TLS
> code, which works but doesn't do authentication downgrading.  I'll
> wait for the OK on the grant and then I volunteer to integrate Start
> TLS, move its ITest, and make sure StartTLS + SASL still works.
>
> If you want to start looking at SASL, the class 'BindHandlerChain'
> gives you the big picture.  Then look at the first "chain link":
> ConfigureChain.  I know TODOs are bad, but I piled all the hardcoded
> config with TODOs and comments there.  From there the config can get
> integrated into the core config/server.xml infrastructure.

I have dowloaded the branch, and looked at it yesturday. The chaining 
seems pretty neet. I still have to understand the whole picture, but the 
page you have put on cwiki is a really good start. I think I will try to 
add some doco (I find it pretty usefull to document someone else code 
because it shows how the code can be understood, and also as it's a 
fresh view, it's a kind of double check of the code).

Don't worry to much about TODOs, we have some in the trunk. At least, 
this is a good marker for things to be fixed !

Emmanuel.

>
> Enrique
>


Mime
View raw message