directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antoine Levy-Lambert <>
Subject Re: Writing a specific Authenticator, and add some configuration for iy
Date Fri, 19 Nov 2010 14:46:37 GMT
  On 11/19/2010 4:41 AM, Emmanuel Lecharny wrote:
> Hi guys,
> yesterday, we had an interesting convo with Antoine, about the 
> definition of a dedicated Authenticator, and how to configure it.
> First, the Authenticator interface can be implemented but it's 
> probably a better idea to extend the AbstractAuthenticator, as it 
> brings some references to teh underlying DirectoryService for free, 
> plus some default implementations to init and dispose the 
> Authenticator. One thing to take care of is the PasswordPolicy which 
> can be enabled or disabled. We have to determinate the best way to 
> deal with this service.
Thanks, will extend AbstractAuthenticator then.
> Another aspect is the Authenticator configuration : how to inject it 
> and have it available when the server is stopped and restarted? The 
> solution is probably to extend the existing configuration, which is 
> based on the DIT. That means defining a specific Bean, plus the 
> associated OC and AT. We have to think about it, and I would suggest 
> we try to write a prototype that demonstrates the way to extend the 
> configuration. It has to be documented, as the Authenticator is an 
> extension point.
I need to configure at least the host and the port to which the 
delegation happens. The class name of the new authenticator will be DN 
where I work is CN=Antoine Lambert, OU=132, OU=Users, OU=NYCSite, 
Maybe the DelegatingAuthenticator could work optionally with DN patterns.
> I'm pretty sure it's not such a big deal, but we need time, and we 
> have littel :) I would suggest we follow closely Antoine's effort and 
> try to leverage what he is doing to improve the server *and* the 
> documentation...
> Thanks !
Thanks too,


View raw message