You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by David Jencks <da...@yahoo.com> on 2007/01/16 09:40:58 UTC
[TRIPLESEC] I could use some help with the recent changes in bootstrap schema processing
A while back I moved the sandbox triplesec branches to directory
trunk because I couldn't get anything to work using released versions
but could against trunk. However with the recent changes to
bootstrap schema processing I strongly suspect that everything
broke. I managed to get some of the tests to compile but I don't
trust the code I came up with. If someone (Alex) could take a look
at one of these tests I'd appreciate it.
All my recent work has been in sandbox/triplesec-jacc2; sandbox/
triplesec-jacc is primarily a monument to my newby mistakes.
The best examples are probably the tests in triplesec-store.
BTW I got annoyed at the code in admin-api and wrote something that's
sort of a object-ldap mapping framework inspired by (my poor
understanding of) jdo/jpa. It doesn't do enhancement or read
metadata from xml so you have to write java code to install that, but
the persistence stuff is then pretty automatic. I'm sure there are
parts I forgot plus plenty of bugs, but it seems to deal ok with:
-"pojos" that correspond to subcontexts/entries in ldap with single
and multivalued attributes.
-collections that correspond to children of an entry, such as the
permissions under an application. These can be separated by e.g. an
ou=permissions (or anything else that is single-valued and not
mapped). These are modeled as maps with the key being the dn component.
-collections that correspond to multivalued attributes where the
values are keys into a "child map" as just described. Again these
are modeled as maps. An example in triplesec is the grants/denials
for a role, these are multivalued attributes where the values are the
permission ids for the actual permission under the application.
To confuse the issue this code is in admin-api2 whereas the original
is in admin-api and only admin-api2 is compiled at the moment.
thanks
david jencks
Re: [TRIPLESEC] I could use some help with the recent changes in bootstrap schema processing
Posted by Enrique Rodriguez <en...@gmail.com>.
On 1/16/07, Alex Karasulu <ak...@apache.org> wrote:
> David Jencks wrote:
> > A while back I moved the sandbox triplesec branches to directory trunk
> > because I couldn't get anything to work using released versions but
> > could against trunk. However with the recent changes to bootstrap
> > schema processing I strongly suspect that everything broke. I managed
> > to get some of the tests to compile but I don't trust the code I came up
> > with. If someone (Alex) could take a look at one of these tests I'd
> > appreciate it.
>
> What I will do is go into the trunks today and fix triplesec. I'm on
> and off site today though so bear with me.
Does "fix triplesec" include the OTP validator for Kerberos? If that
isn't part what you plan to look at, I'd like to get it working again
this week.
Enrique
Re: [TRIPLESEC] I could use some help with the recent changes in
bootstrap schema processing
Posted by Alex Karasulu <ak...@apache.org>.
David Jencks wrote:
> A while back I moved the sandbox triplesec branches to directory trunk
> because I couldn't get anything to work using released versions but
> could against trunk. However with the recent changes to bootstrap
> schema processing I strongly suspect that everything broke. I managed
> to get some of the tests to compile but I don't trust the code I came up
> with. If someone (Alex) could take a look at one of these tests I'd
> appreciate it.
What I will do is go into the trunks today and fix triplesec. I'm on
and off site today though so bear with me.
Alex
> All my recent work has been in sandbox/triplesec-jacc2;
> sandbox/triplesec-jacc is primarily a monument to my newby mistakes.
>
> The best examples are probably the tests in triplesec-store.
>
> BTW I got annoyed at the code in admin-api and wrote something that's
> sort of a object-ldap mapping framework inspired by (my poor
> understanding of) jdo/jpa. It doesn't do enhancement or read metadata
> from xml so you have to write java code to install that, but the
> persistence stuff is then pretty automatic. I'm sure there are parts I
> forgot plus plenty of bugs, but it seems to deal ok with:
> -"pojos" that correspond to subcontexts/entries in ldap with single and
> multivalued attributes.
> -collections that correspond to children of an entry, such as the
> permissions under an application. These can be separated by e.g. an
> ou=permissions (or anything else that is single-valued and not mapped).
> These are modeled as maps with the key being the dn component.
> -collections that correspond to multivalued attributes where the values
> are keys into a "child map" as just described. Again these are modeled
> as maps. An example in triplesec is the grants/denials for a role,
> these are multivalued attributes where the values are the permission ids
> for the actual permission under the application.
>
> To confuse the issue this code is in admin-api2 whereas the original is
> in admin-api and only admin-api2 is compiled at the moment.
>
> thanks
> david jencks
>
>
>
Re: [TRIPLESEC] I could use some help with the recent changes in bootstrap schema processing
Posted by Emmanuel Lecharny <el...@gmail.com>.
David, I have changed a lot of things in shared-ldap ecently, and you may
have been impacted.
Do you want to have a chat about the kind of pbs you have, so that we can
eliminate them ?
I'm connected on trc.freenode.net#directory-dev if you need to discuss this
point further
--
Cordialement,
Emmanuel Lécharny
www.iktek.com