directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: PasswordHidden parameter
Date Tue, 12 Oct 2010 07:33:02 GMT
On Tue, Oct 12, 2010 at 12:18 PM, Emmanuel Lecharny <elecharny@gmail.com> wrote:
>  On 10/12/10 8:36 AM, Pierre-Arnaud MARCELOT wrote:
>>
>> Hi,
>>
>> I agree that it could be interesting to have this kind of feature.
>>
>> Wouldn't it be more interesting to have the ability to give a list of
>> specific ATs that should be hidden instead.
>> We have that in Studio and it gives much more power and flexibility.
>
> That's a pretty good idea.
>
> However, I think that this kind of protection can be better handled by the
> ACI subsystem. Atm, as it's a bit broken, I'd like to keep this parameter
> along until we have a better way to manage ATs.
>
> That also means the move was not stupid, it's just that it's temporarily
> useful, and probably easier to manage than a global ACI.
before actually removing it I have checked for the references to the
isPasswordHidden()
method present in the DirectoryService but sadly I missed that the
SearchHandler uses it,
so it should be reverted (I ran the integ tests but without building
protocol-ldap so didn't find this issue) cause the build is broken
now, I should have checked by doing a full build, sorry for the
trouble if anyone had with a broken trunk.

OTOH, I think enforcing this feature with ACI seems to be the better way

>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>



Kiran Ayyagari

Mime
View raw message