Return-Path: X-Original-To: apmail-directory-dev-archive@www.apache.org Delivered-To: apmail-directory-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 576E9BC78 for ; Thu, 12 Jan 2012 13:02:16 +0000 (UTC) Received: (qmail 84936 invoked by uid 500); 12 Jan 2012 13:02:15 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 84689 invoked by uid 500); 12 Jan 2012 13:02:05 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 83435 invoked by uid 99); 12 Jan 2012 13:01:59 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Jan 2012 13:01:59 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of akarasulu@gmail.com designates 74.125.82.44 as permitted sender) Received: from [74.125.82.44] (HELO mail-ww0-f44.google.com) (74.125.82.44) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Jan 2012 13:01:49 +0000 Received: by wgbds12 with SMTP id ds12so1759760wgb.1 for ; Thu, 12 Jan 2012 05:01:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=52uWdGapSRygYI8+4sXG2LYzwIJ91F8uwA2a5kEvxCU=; b=Y4IFQYtNPIRqanBGg/Hbbmckwiy+VQXyJTGweO5N0RWq6hB407uNrwA0OjldvvNfQr gDYIhhHiOv78v03pl3lahPqSmUu3IOu7TJu/dm383HL+0aXli28JMZt2aH1aLbBj9T4k Jt/ljVeNcaLySWGEvjCX7/moXBwhIcFdHEmWA= MIME-Version: 1.0 Received: by 10.180.95.199 with SMTP id dm7mr5905196wib.9.1326373289424; Thu, 12 Jan 2012 05:01:29 -0800 (PST) Sender: akarasulu@gmail.com Received: by 10.180.106.69 with HTTP; Thu, 12 Jan 2012 05:01:29 -0800 (PST) In-Reply-To: References: Date: Thu, 12 Jan 2012 15:01:29 +0200 X-Google-Sender-Auth: wCXu03Omp3TYuLKRQ3EagI3JWbw Message-ID: Subject: Re: How Authenticators and PasswordPolicies will be managed in new component design. From: Alex Karasulu To: Apache Directory Developers List Content-Type: multipart/alternative; boundary=f46d041825cec1769a04b65458e7 X-Virus-Checked: Checked by ClamAV on apache.org --f46d041825cec1769a04b65458e7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Tue, Jan 10, 2012 at 2:33 AM, G=F6kt=FCrk Gezer wrote: > Hi Again, > > It seems lots of things are structured like that. Partitions,servers are > all have inner entries.There are partition-indexes and transports those > have same problem. I must develop some way to allow such structure. > Component-hub must have component type specific code to handle these > things. So i'll work on that before everything. But you can still say if > Authenticators must be extensible.... > > Regards, > Gokturk > > Hi All, Gokturk and I had a discussion yesterday regarding this topic. Basically authenticators and password policies can be considered top level configurable elements unlike indices for example that are specifically tied to their partitions. Although Authenticators and PasswordPolicies are managed under the AuthenticationInterceptor they are top level elements. The AuthenticationInterceptor just happens to be where functionally their maintenance made sense in the past. This might change and we might manage these in the DirectoryService to denote their first class component status. However PPs and Authenticators are clearly different from a Partition's Index which is really tied to the partition where as these components are not really tied the AuthenticationInterceptor. I think this makes me believe that the AuthenticationInterceptor should not manage these components but just leverage them by accessing them from the DirectoryService. The DirectoryService should really manage these top level components. Thoughts? Regards, Alex --f46d041825cec1769a04b65458e7 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

On Tue, Jan 10, 2012 at 2:33 AM, G=F6kt= =FCrk Gezer <gokturk.gezer@gmail.com> wrote:
Hi Again,

It seems lots of things are structured like th= at. Partitions,servers are all have inner entries.There are partition-index= es and transports those have same problem. I must develop some way to allow= such structure. Component-hub must have component type specific code to ha= ndle these things. So i'll work on that before everything. But you can = still say if Authenticators must be extensible....

Regards,
Gokturk


Hi All,

Gokt= urk and I had a discussion yesterday regarding this topic. Basically authen= ticators and password policies can be considered top level configurable ele= ments unlike indices for example that are specifically tied to their partit= ions.

Although Authenticators and PasswordPolicies are manage= d under the AuthenticationInterceptor they are top level elements. The Auth= enticationInterceptor just happens to be where functionally their maintenan= ce made sense in the past. This might change and we might manage these in t= he DirectoryService to denote their first class component status. However P= Ps and Authenticators are clearly different from a Partition's Index wh= ich is really tied to the partition where as these components are not reall= y tied the AuthenticationInterceptor.

I think this makes me believe that the AuthenticationIn= terceptor should not manage these components but just leverage them by acce= ssing them from the DirectoryService. The DirectoryService should really ma= nage these top level components.

Thoughts?=A0

Regards,
Alex
--f46d041825cec1769a04b65458e7--