directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Garbage <garb...@gmx.de>
Subject Re: [ApacheDS] lost with decision where to implement custom permission
Date Wed, 06 Jun 2012 04:39:19 GMT
Am 06.06.2012 um 05:16 schrieb Emmanuel L├ęcharny <elecharny@gmail.com>:

> Definitively go for 2.0. The API has changed a lot, but this is (hopefully) for the best.
> 
> Sadly, the documentation is not following the code modification pace :/
> 
> Do you have any specific question ?

Thanks for that information, this might be the explanation why I got lost in the transition
from 1.5.5 to 2.0: I simply didn't understand what changes were to see. So I will head for
2.0, I expected that answer ;-)

But I still have these questions:

1. Can M7 be considered stable enough for giving it a chance in a productive system?

I only need ApacheDS to sit there and wait for incoming connections and forward them to my
custom partition. There is no need for replication and all the other fancy stuff ApacheDS
is able to do.

2. Where should I start off in order to create a partition that uses data from my java objects
and sends it back to the client ?

Some details to explain what I'm after: I need to integrate a google search appliance with
at least three different directories. One is based on LDAP, one can be accessed via a web
service and the other has a SQL interface. I discussed this topic on stackoverflow and even
posted a question on the developer list of ApacheDS, back then I intended to use an interceptor
but now I believe that a custom partition will be a much better solution. The easiest way
to integrate these directories will be a LDAP interface because the GSA is able to connect
to LDAP, the queries can be configured.
The main idea is to write a partition that listens on access to ou=user and answers to queries
that follow this pattern: (username=johndoe). It should then deliver the two attributes distinguishedName
and mail. 
In a second step the GSA will send a query that looks like this: (member=distinguishedName).
The expected answer will then be a list of dns of groups the user belongs to. This information
will be delivered by my java code and can be considered a blackbox. Just think of it returning
a string array of groups in ldap format.



Mime
View raw message