Posted to jetspeed-dev@portals.apache.org by James Liao <ji...@gmail.com> on 2005/06/18 12:38:58 UTC

Some questions about J2 security spi (Ldap implementation)

Hi all,
I have been working on the J2 security-spi LDAP implementation for a few days.
I want to integrate J2 with our own EAI platform (Businessware).
The Businessware platform is totally based on LDAP; all its users, groups and
rolegroups are stored in LDAP. I want to make J2 authenticate against the
Businessware LDAP server.

1. I implement the following interfaces:
LdapPrincipalDao ---- BWLdapGroupDaoImpl
LdapUserPrincipalDao ---- BWLdapUserPrincipalDaoImpl
LdapUserCredentialDao ---- BWLdapUserCredentialDaoImpl

2. Replace the following Handlers:
GroupSecurityHandler ---- org.apache.jetspeed.security.spi.impl.LdapGroupSecurityHandler
SecurityMappingHandler ---- org.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandler

3. Add these two Handlers (I don't want to override the default one):
LdapCredentialHandler ---- org.apache.jetspeed.security.spi.impl.LdapCredentialHandler
LdapUserSecurityHandler ---- org.apache.jetspeed.security.spi.impl.LdapUserSecurityHandler

4. Add a new AuthenticationProvider named LdapAuthenticationProvider with
LdapCredentialHandler and LdapUserSecurityHandler.


Here are my questions:
1. Is org.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandler finished?
Will it be finished in the future?

2. I think there is a bug in
org.apache.jetspeed.security.spi.impl.LdapGroupSecurityHandler. It always
uses groupPrincipal's full path to create a new group, so the group name is
like &group&newgroupname.
public void setGroupPrincipal(GroupPrincipal groupPrincipal) throws SecurityException
{
    System.out.println("Group Principal UID:" + groupPrincipal.getFullPath());
    verifyGroupPrincipal(groupPrincipal);

!   String uid = groupPrincipal.getFullPath(); // Why not use getName() here?
    String groupUidWithoutSlashes = convertUidToAcceptableName(uid);
    LOG.debug("Group Principal UID:" + groupUidWithoutSlashes);

    if (getGroupPrincipal(groupUidWithoutSlashes) == null)
    {
        LOG.debug("Group Principal UID:" + groupUidWithoutSlashes);
        ldap.create(groupUidWithoutSlashes);
    }
}

3. Will multiple GroupSecurityHandlers and SecurityMappingHandlers be supported
in the future?

Any help will be appreciated!

-James Liao