roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Glen Mazza (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ROL-2042) email and username fields from LDAP
Date Fri, 25 Jul 2014 23:38:38 GMT

    [ https://issues.apache.org/jira/browse/ROL-2042?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14075136#comment-14075136
] 

Glen Mazza commented on ROL-2042:
---------------------------------

This needs more work, first files must be space-padded, no tab characters (4 spaces for tabs)
-- that my IDE can fix quickly.  Also, member variables should be private or protected, you
have them package-protected  (String screenName instead of private String screenName) in LDAPUserDetails
and then directly modified istead of using setters() in LDAPUserDetailsMapper -- yuck, but
that, also, I can fix.

But your security.xml has this commented-out in context-source: 
		<!-- <beans:property name="userDn" value="" /> 
             <beans:property name="password" value="" /> -->
What am I supposed to read from that -- it's irrelevant, no longer needed, or?

Also, in your LDAPUserDetailMapper, you have this implementation for mapUserToContext:

	@Override
	public void mapUserToContext(UserDetails arg0, DirContextAdapter arg1) {
		int x = 7;
	}

What does that mean?

Finally, your implementation of LDAPUserDetails isn't honoring the non-Null contract for the
accessors that you don't care about here (http://docs.spring.io/spring-security/site/docs/3.0.x/apidocs/org/springframework/security/core/userdetails/UserDetails.html)
-- it looks like you're going to have to extend Spring's User or LDAPUserDetailsImpl to make
sure that contract is honored, instead of just implementing UserDetails directly.

> email and username fields from LDAP
> -----------------------------------
>
>                 Key: ROL-2042
>                 URL: https://issues.apache.org/jira/browse/ROL-2042
>             Project: Apache Roller
>          Issue Type: Improvement
>          Components: Authentication, Roles and Access Controls
>    Affects Versions: 5.1
>            Reporter: J├╝rgen Weber
>            Assignee: Roller Unassigned
>         Attachments: CustomUserRegistry.patch, LDAPUserDetails.java, LDAPUserDetailsMapper.java,
security.xml
>
>
> Current implementation of LDAP based Spring security does not retrieve email and name
attributes from LDAP.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message