You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by James Liao <ji...@gmail.com> on 2005/06/18 12:38:58 UTC
Some questions about J2 security spi(Ldap implementation)
Hi all,
I have been working on J2 security-spi ldap implementation for a few days.
I want to integrate J2 with own EAI platform(Businessware).
Businessware platform are totally based on Ldap, all its users, groups and
rolegroups are stored in ldap. I want to make j2 authenticate against
Businessware Ldap server.
1. I implement the following interface:
LdapPrincipalDao ---- BWLdapGroupDaoImpl
LdapUserPrincipalDao ---- BWLdapUserPrincipalDaoImpl
LdapUserCredentialDao ---- BWLdapUserCredentialDaoImpl
2. Replace the following Handlers:
GroupSecurityHanlder ----
org.apache.jetspeed.security.spi.impl.LdapGroupSecurityHandler
SecurityMappingHandler ----
org.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandler
3. Add these two Handlers(I don't want to override the default one):
LdapCredentialHandler -----
org.apache.jetspeed.security.spi.impl.LdapCredentialHandler
LdapUserSecurityHandler ----
org.apache.jetspeed.security.spi.impl.LdapUserSecurityHandler
4. Add a new AuthenticationProvider named LdapAuthenticationProvider with
LdapCredentialHandler, LdapUserSecurityHandler.
Here is my questions:
1. Does org.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandlerfinish?
Will it be finished in future?
2. I think it is a bug in
org.apache.jetspeed.security.spi.impl.LdapGroupSecurityHandler. It always
use groupPrincipal's full path to create a new group,so the group name is
like &group&newgroupname.
public void setGroupPrincipal(GroupPrincipal groupPrincipal) throws
SecurityException
{
System.out.println("Group Principal UID:" + groupPrincipal.getFullPath());
verifyGroupPrincipal(groupPrincipal);
! String uid = groupPrincipal.getFullPath();// Why not use getName() here?
String groupUidWithoutSlashes = convertUidToAcceptableName(uid);
LOG.debug("Group Principal UID:" + groupUidWithoutSlashes);
if (getGroupPrincipal(groupUidWithoutSlashes) == null)
{
LOG.debug("Group Principal UID:" + groupUidWithoutSlashes);
ldap.create(groupUidWithoutSlashes);
}
}
3. Will multi GroupSecurityHanlder, SecurityMappingHandler be supported in
future?
Any help will be appreciated!
-James Liao