portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Le Strat <dlest...@yahoo.com>
Subject Re: Jetspeed 2 with LDAP
Date Fri, 09 Jun 2006 14:49:25 GMT
Authorization should now work with LDAP.  Most handlers and unit tests have been implemented
for LDAP security.  The unit tests are available at:

http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/spi/ldap/

To activate this with Jetspeed, you will need to modify the XML SPI config files to leverage
the correct implementations.  That's where I stopped, there may be some tweaks required to
get this to work with the webapp.

Regards,

David Le Strat
 
________________________David Le Strat
Blogging @ http://dlsthoughts.blogspot.com

----- Original Message ----
From: David Sean Taylor <david@bluesunrise.com>
To: Jetspeed Developers List <jetspeed-dev@portals.apache.org>
Sent: Thursday, June 8, 2006 5:38:37 PM
Subject: Re: Jetspeed 2 with LDAP

Aaron Evans wrote:
> AFAIK, the default implementation only implements the Authentication
> SPI components (UserSecurityHandler, CredentialHandler), *not* the
> Authorization SPI components (RoleSecurityHandler,
> GroupSecurityHandler, SecurityMappingHandler).  This is of course
> unless someone has implemented them since.

Take a look at Mike Long's contributions.
He wrote an LDAP DAO layer as well as an LdapRoleSecurityHandler and 
LdapGroupSecurityHandler

I have not tested it out, not sure if its ready

> 
> So when you use it in that capacity, your usernames and passwords
> would be stored in LDAP, but the role and group associations would be
> stored in jetspeeds database.
> 
> I have implemented all of the ATN and ATZ SPI components to connect to
> my OpenLDAP custom schema.   It is not that difficult if you follow
> the default components as an example.
> 
> Unfortunately, in order to get these  components built quickly, I used
> my own proprietary data access layer API instead of spring DAO.

Mike's implementation is all configured with Spring

> 
> I would very much like to learn spring DAO at some point and retro-fit
> these to use spring DAO and then donate the code but unfortunatley my
> company is the eternal whip cracker and I have no time to do this
> right now.  That and my wife and I are preparing for a baby.  Hey,
> maybe during my pat leave! Now there's an idea!
> 
> Also, i was thinking that I might try my hand at authoring a "Guide to
> implementing custom ATN/ATZ components".   It really isn't that
> difficult if you follow the default implementations as a guide, but I
> think a document around this would reassure people...
> 
Finding the time to write documentation is the difficult part.
Documentation is always welcome, and now you have perfect opportunity ;)



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org






---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message