Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 13395 invoked from network); 29 Oct 2007 03:41:27 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 29 Oct 2007 03:41:27 -0000 Received: (qmail 84477 invoked by uid 500); 29 Oct 2007 03:41:14 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 84445 invoked by uid 500); 29 Oct 2007 03:41:14 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 84434 invoked by uid 99); 29 Oct 2007 03:41:14 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 28 Oct 2007 20:41:14 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of enriquer9@gmail.com designates 209.85.146.181 as permitted sender) Received: from [209.85.146.181] (HELO wa-out-1112.google.com) (209.85.146.181) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 29 Oct 2007 03:41:17 +0000 Received: by wa-out-1112.google.com with SMTP id m38so2275938waf for ; Sun, 28 Oct 2007 20:40:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=hGa2Hgdga7BiBCHZKrzn3xWOKc8L55r7slgSn5jcVCE=; b=aENu87eRcwi8w5RtLo5v6g2/zehgfJBt/7FRTWJ8ig3xfWYqdS5imDg8IzDihqfsUW0GzEl9hBI8hQhmwlbwvtLDO/QeylnXhVUXxuoNBcUuPpMyiGhbjj4QaNkCEFE3gZpwL7sNkHmuacen1lxUsJvUm7I5FTtxYJyo9yOFje4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=gLSlSdAaztIfmyoE7eG1Ecx20kBTkntNaB0ULFEyJ6uZb/7GoKkA/EKHOItj7cYR4pnE4bu26yqmasAXuHLaNmf6Plq+PV3pzcS0HefXk+guPlhfxciFiKFB/8QCE2kKDMOuR+Sha+b1edhep8665n6hs0bjVPUj83vGQtWkpJo= Received: by 10.115.88.1 with SMTP id q1mr237149wal.1193629256386; Sun, 28 Oct 2007 20:40:56 -0700 (PDT) Received: by 10.115.60.6 with HTTP; Sun, 28 Oct 2007 20:40:56 -0700 (PDT) Message-ID: <568753d90710282040x7655ad4ob3091fd378e788fc@mail.gmail.com> Date: Sun, 28 Oct 2007 20:40:56 -0700 From: "Enrique Rodriguez" Reply-To: erodriguez@apache.org To: "Apache Directory Developers List" Subject: Re: Apache DS latest code from the trunks 1.5.1x In-Reply-To: <50589a6e0710250714w63d7be57w5c9409b083850b80@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <596005.7917.qm@web51004.mail.re2.yahoo.com> <568753d90710241226t6438f1bcj7188698788cf76e2@mail.gmail.com> <50589a6e0710250714w63d7be57w5c9409b083850b80@mail.gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org On 10/25/07, Abdullah Zahur wrote: > Thanks for the help. Yes that was the problem and I will use the users list > to post questions too. Basically what I am tring to do is modify ApacheDS, > in such a way that it uses some other directory... other than the datastore > of apacheDs to lookup users and their information. > Can you give me some pointers. > I was thinking that would it be easier, if I use referrals, to look up users > then I might not have to modfiy anything in apacheDs what are you thoughts There is an interface called PrincipalStore that you could easily implement with an alternate backend. We re-implement it with a HashMap to do full-protocol tests without having to fire-up the ApacheDS backend. As for referrals, I haven't tried this and I'm not sure what the current state of ApacheDS is w.r.t. referral support. I doubt the current PrincipalStore implementation we use would know what to do if it finds a referral instead of the expected Kerberos principal. BTW, prior to ApacheDS 1.5.1 the LDIF loader was "Kerberos aware," which is why your old way of loading principals no longer worked. The drawback to that mechanism was you could only load principals via LDIF. Now LDIF loads, LDAP changes, and the Change Password protocol all use the interceptor. Enrique