portals-jetspeed-dev mailing list archives

From "Brice Lambi" <bricela...@gmail.com>
Subject Re: Jetspeed 2 with LDAP
Date Thu, 08 Jun 2006 18:37:12 GMT
A document like that would be great.  I wouldn't mind implementing role and
group security through LDAP.  It would be nice to have a guide to start
from.  Good luck with the new baby!

Thanks,
Brice


On 6/8/06, Aaron Evans <aaronmevans@gmail.com> wrote:
>
> AFAIK, the default implementation only implements the Authentication
> SPI components (UserSecurityHandler, CredentialHandler), *not* the
> Authorization SPI components (RoleSecurityHandler,
> GroupSecurityHandler, SecurityMappingHandler).  This is of course
> unless someone has implemented them since.
>
> So when you use it in that capacity, your usernames and passwords
> would be stored in LDAP, but the role and group associations would be
> stored in Jetspeed's database.
>
> I have implemented all of the ATN and ATZ SPI components to connect to
> my OpenLDAP custom schema.   It is not that difficult if you follow
> the default components as an example.
>
> Unfortunately, in order to get these components built quickly, I used
> my own proprietary data access layer API instead of spring DAO.
>
> I would very much like to learn spring DAO at some point and retro-fit
> these to use spring DAO and then donate the code but unfortunately my
> company is the eternal whip cracker and I have no time to do this
> right now.  That and my wife and I are preparing for a baby.  Hey,
> maybe during my pat leave! Now there's an idea!
>
> Also, I was thinking that I might try my hand at authoring a "Guide to
> implementing custom ATN/ATZ components".   It really isn't that
> difficult if you follow the default implementations as a guide, but I
> think a document around this would reassure people...
>
>
> On 6/8/06, David Sean Taylor <david@bluesunrise.com> wrote:
> > Brice Lambi wrote:
> > > What do I need to do to populate the roles, groups and permissions?
> > > The sample ldif file in the ldap doc only adds one admin user.  I've
> > > tried cloning what is in the default jetspeed install by making an
> > > admin, user and manager role.  This didn't seem to work for me.
> > > There are a couple of docs that give tutorials on how to set up the
> > > Apache DS, but it looks like that server has been down for some time.
> > >
> > > How does the role name need to be configured?  In the jetspeed.schema
> > > file distributed with the source, a jetspeed-role requires a uid.  Is
> > > the uid the name of the role?  I would be happy to document this
> > > process once I get this all figured out.
> > >
> > > Thanks,
> > > Brice
> > >
> > I haven't tried integrating roles into LDAP.
> > The example we provide only populates the one user, and then allows you
> > to login over LDAP. I'm sure you can populate the roles and groups as
> > well, I've just never tried it. I would follow the same pattern as for
> > users, where the uid is set to the username, do the same for roles.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> > For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
> >
> >
