[TRIPLESEC] I could use some help with the recent changes in bootstrap schema processing

[David Jencks <da...@yahoo.com>]

A while back I moved the sandbox triplesec branches to directory  
trunk because I couldn't get anything to work using released versions  
but could against trunk.  However with the recent changes to  
bootstrap schema processing I strongly suspect that everything  
broke.  I managed to get some of the tests to compile but I don't  
trust the code I came up with.  If someone (Alex) could take a look  
at one of these tests I'd appreciate it.

All my recent work has been in sandbox/triplesec-jacc2; sandbox/ 
triplesec-jacc is primarily a monument to my newby mistakes.

The best examples are probably the tests in triplesec-store.

BTW I got annoyed at the code in admin-api and wrote something that's  
sort of a object-ldap mapping framework inspired by (my poor  
understanding of) jdo/jpa.  It doesn't do enhancement or read  
metadata from xml so you have to write java code to install that, but  
the persistence stuff is then pretty automatic.  I'm sure there are  
parts I forgot plus plenty of bugs, but it seems to deal ok with:
-"pojos" that correspond to subcontexts/entries in ldap with single  
and multivalued attributes.
-collections that correspond to children of an entry, such as the  
permissions under an application.  These can be separated by e.g. an  
ou=permissions (or anything else that is single-valued and not  
mapped). These are modeled as maps with the key being the dn component.
-collections that correspond to multivalued attributes where the  
values are keys into a "child map" as just described.  Again these  
are modeled as maps.  An example in triplesec is the grants/denials  
for a role, these are multivalued attributes where the values are the  
permission ids for the actual permission under the application.

To confuse the issue this code is in admin-api2 whereas the original  
is in admin-api and only admin-api2 is compiled at the moment.

thanks
david jencks

Re: [TRIPLESEC] I could use some help with the recent changes in bootstrap schema processing

[Enrique Rodriguez <en...@gmail.com>]

On 1/16/07, Alex Karasulu <ak...@apache.org> wrote:
> David Jencks wrote:
> > A while back I moved the sandbox triplesec branches to directory trunk
> > because I couldn't get anything to work using released versions but
> > could against trunk.  However with the recent changes to bootstrap
> > schema processing I strongly suspect that everything broke.  I managed
> > to get some of the tests to compile but I don't trust the code I came up
> > with.  If someone (Alex) could take a look at one of these tests I'd
> > appreciate it.
>
> What I will do is go into the trunks today and fix triplesec.  I'm on
> and off site today though so bear with me.

Does "fix triplesec" include the OTP validator for Kerberos?  If that
isn't part what you plan to look at, I'd like to get it working again
this week.

Enrique

Re: [TRIPLESEC] I could use some help with the recent changes in bootstrap schema processing

[Alex Karasulu <ak...@apache.org>]

David Jencks wrote:
> A while back I moved the sandbox triplesec branches to directory trunk 
> because I couldn't get anything to work using released versions but 
> could against trunk.  However with the recent changes to bootstrap 
> schema processing I strongly suspect that everything broke.  I managed 
> to get some of the tests to compile but I don't trust the code I came up 
> with.  If someone (Alex) could take a look at one of these tests I'd 
> appreciate it.

What I will do is go into the trunks today and fix triplesec.  I'm on 
and off site today though so bear with me.

Alex


> All my recent work has been in sandbox/triplesec-jacc2; 
> sandbox/triplesec-jacc is primarily a monument to my newby mistakes.
> 
> The best examples are probably the tests in triplesec-store.
> 
> BTW I got annoyed at the code in admin-api and wrote something that's 
> sort of a object-ldap mapping framework inspired by (my poor 
> understanding of) jdo/jpa.  It doesn't do enhancement or read metadata 
> from xml so you have to write java code to install that, but the 
> persistence stuff is then pretty automatic.  I'm sure there are parts I 
> forgot plus plenty of bugs, but it seems to deal ok with:
> -"pojos" that correspond to subcontexts/entries in ldap with single and 
> multivalued attributes.
> -collections that correspond to children of an entry, such as the 
> permissions under an application.  These can be separated by e.g. an 
> ou=permissions (or anything else that is single-valued and not mapped). 
> These are modeled as maps with the key being the dn component.
> -collections that correspond to multivalued attributes where the values 
> are keys into a "child map" as just described.  Again these are modeled 
> as maps.  An example in triplesec is the grants/denials for a role, 
> these are multivalued attributes where the values are the permission ids 
> for the actual permission under the application.
> 
> To confuse the issue this code is in admin-api2 whereas the original is 
> in admin-api and only admin-api2 is compiled at the moment.
> 
> thanks
> david jencks
> 
> 
> 

Re: [TRIPLESEC] I could use some help with the recent changes in bootstrap schema processing

[Emmanuel Lecharny <el...@gmail.com>]

David, I have changed a lot of things in shared-ldap ecently, and you may
have been impacted.

Do you want to have a chat about the kind of pbs you have, so that we can
eliminate them ?

I'm connected on trc.freenode.net#directory-dev if you need to discuss this
point further

-- 
Cordialement,
Emmanuel Lécharny
www.iktek.com