portals-jetspeed-dev mailing list archives

From "Aaron Evans" <aaronmev...@gmail.com>
Subject Re: Jetspeed 2 with LDAP
Date Thu, 08 Jun 2006 18:06:27 GMT
AFAIK, the default implementation only implements the Authentication
SPI components (UserSecurityHandler, CredentialHandler), *not* the
Authorization SPI components (RoleSecurityHandler,
GroupSecurityHandler, SecurityMappingHandler).  This is of course
unless someone has implemented them since.

So when you use it in that capacity, your usernames and passwords
would be stored in LDAP, but the role and group associations would be
stored in Jetspeed's database.

I have implemented all of the ATN and ATZ SPI components to connect to
my OpenLDAP custom schema. It is not that difficult if you follow
the default components as an example.

Unfortunately, in order to get these components built quickly, I used
my own proprietary data access layer API instead of spring DAO.

I would very much like to learn spring DAO at some point and retro-fit
these to use spring DAO and then donate the code, but unfortunately my
company is the eternal whip cracker and I have no time to do this
right now.  That and my wife and I are preparing for a baby.  Hey,
maybe during my pat leave! Now there's an idea!

Also, I was thinking that I might try my hand at authoring a "Guide to
implementing custom ATN/ATZ components". It really isn't that
difficult if you follow the default implementations as a guide, but I
think a document around this would reassure people...

On 6/8/06, David Sean Taylor <david@bluesunrise.com> wrote:
> Brice Lambi wrote:
> > What do I need to do to populate the roles, groups and permissions?  The
> > sample ldif file in the ldap doc only adds one admin user.  I've tried
> > cloning what is in the default jetspeed install by making an admin, user and
> > manager role.  This didn't seem to work for me.  There are a couple of docs
> > that give tutorials on how to set up the Apache DS, but it looks like that
> > server has been down for some time.
> >
> > How does the role name need to be configured?  In the jetspeed.schema file
> > distributed with the source, a jetspeed-role requires a uid.  Is the uid
> > the name of the role?  I would be happy to document this process once I get
> > this all figured out.
> >
> > Thanks,
> > Brice
> >
> I haven't tried integrating roles into LDAP.
> The example we provide only populates the one user, and then allows you
> to login over LDAP. I'm sure you can populate the roles and groups as
> well, I've just never tried it. I would follow the same pattern as for
> users, where the uid is set to the username, do the same for roles.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>
>
