portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Evans" <aaronmev...@gmail.com>
Subject Re: [jira] Updated: (JS2-491) Enhance J2 LDAP Security Documentation
Date Sun, 12 Nov 2006 16:23:40 GMT
Guys,
will Davy's LDAP stuff still work?  I thought maybe it was broken
since there were Java 1.5 specific things in it and Ate had to comment
them out when he applied a patch for JS2-491.

Or are these things completely unrelated?

See svn commit: r454376 (search the archives for r454376):

>JS2-491 patch breaks Jetspeed trunk as it cannot compile/run anymore
on Java 1.4.
>Fixing Java 5 dependencies by (temporarily) commenting out the related code.
>THIS BREAKS THE CURRENT LDAP support!!!

-aaron

On 11/11/06, Davy De Waele (JIRA) <jetspeed-dev@portals.apache.org> wrote:
>      [ http://issues.apache.org/jira/browse/JS2-491?page=all ]
>
> Davy De Waele updated JS2-491:
> ------------------------------
>
>     Attachment: jetspeed LDAP.doc
>
> I've also written up some documentation describing the new LDAP configuration, and the
properties in security-spi-ldap.xml.
>
> Sorry for the MS Word format... Efforts are on the way to convert it into xdoc format
>
> If you have any problems or questions, don't hesitate to contact me.
>
> > Enhance J2 LDAP Security Documentation
> > --------------------------------------
> >
> >                 Key: JS2-491
> >                 URL: http://issues.apache.org/jira/browse/JS2-491
> >             Project: Jetspeed 2
> >          Issue Type: Improvement
> >          Components: Security
> >    Affects Versions: 2.1-dev
> >            Reporter: David Le Strat
> >             Fix For: 2.1-dev
> >
> >         Attachments: jetspeed LDAP.doc, jetspeed-ldap-final.patch, jetspeed2-ldap-11102006.patch,
ldap_patch_with_jdk_fix.patch
> >
> >
> > From Davy De Waele email to the list:
> > Judging from the recent activity on the mailing list I noticed some
> > interest in using LDAP & Jetspeed
> > Some thoughts come to mind:
> > 1. The instructions located at
> > http://portals.apache.org/jetspeed-2/multiproject/jetspeed-security/ldap
> > .html are really only applicable for people who are building jetspeed
> > from source.
> > Due to the fact that the security-spi-ldap*.xml files shown there are
> > coming from SVN (interface changes, additional objects in the
> > configuration files that are not in the 2.0 binary release), users who
> > have installed jetspeed2 via the installer attempting to follow these
> > instructions will run into configuration issues.
> > What would be the best way to address this?
> > I think we should make a difference between users who are familiar with
> > Maven, SVN, compiling/building/deploying, and users who just want to
> > get
> > the thing up & running using the installer.
> > Shouldn't we put this information into perspective by:
> > a) Clearly indicating that this is only intended for people building
> > from source
> > b) Provide an additional manual on what needs to be done starting from
> > a
> > binary release (2.0 version)
> >
> > The user would have to
> >           * copy the security-spi-ldap*.xml files (we provide
> > downloadable spring XML files acting as examples)
> >           * remove their default security-spi-atn.xml
> >           * restart tomcat
> >           * preparing their LDAP server
> > As far as LDAP support goes, we should provide instructions on how
> > existing LDAP servers can be used with jetspeed. We can also provide
> > downloadable schema files & LDIF sample data for all major vendors +
> > documentation)
> > I could provide such manuals for OpenLDAP,SunDS and ApacheDS.
> > 2. The major problem that users will be facing today is that encrypted
> > passwords are not supported in the jetspeed2.0 release. Given that this
> > functionality has been committed to the codebase, how do you feel
> > towards providing a downloadable JAR file to users that would act as a
> > replacement for their current jetspeed-security-2.0.jar - doesn't have
> > to be anything official, could be included as a link in the
> > documentation)
> > The user would have to
> >          * replace his jetspeed-security-2.0.jar
> >          * restart tomcat
> > The user would have support for encrypted passwords and group/role
> > membership via LDAP.
> > 3. OpenLDAP schema file
> > I had to add groupOfUniqueNames as a parent to the jetspeed-2-group and
> > jetspeed-2-role objectClasses in order for the group/role assignment to
> > work in OpenLDAP.
> > ApacheDS doesn't really care when objects are created in the LDAP tree
> > containing attributes that aren't defined in the LDAP schema. OpenLDAP
> > does :) I've attached the new jetspeed.schema file.
>
> --
> This message is automatically generated by JIRA.
> -
> If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
> -
> For more information on JIRA, see: http://www.atlassian.com/software/jira
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message