You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by Endi Sukma Dewata <en...@vergenet.com> on 2005/10/17 20:57:13 UTC

AbstractAuthenticator.createLdapPrincipal()

Hi,

I just updated the latest code and noticed that the createLdapPrincipal()
method in the AbstractAuthenticator class has been commented out because
it's not used anywhere in the ApacheDS code. This method is actually needed
by custom authenticators. See rev. #167943 and
http://wiki.apache.org/directory/ApacheDirectoryServer.

Upon a successful authentication, an authenticator needs to return an
instance of LdapPrincipal. However, the LdapPrincipal class only has 2
constructors which aren't accessible outside the o.a.l.s.authn package. So,
to circumvent this restriction, custom authenticators must call the
createLdapPrincipal() provided by the AbstractAuthenticator.

In my opinion, restricting the LdapPrincipal constructors like now is
unnecessary. If the purpose is to protect from malicious code, it won't work
because someone can just create a subclass of AbstractAuthenticator and
provide arbitrary access to createLdapPrincipal(). A constructor should be
protected only if we want to control the instance creation programmatically,
but not to create a "sandbox". I think we should restore public access to
the LdapPrincipal constructors and implement policy permissions or security
manager.

Any comments would be greatly appreciated. Thanks.


--
Endi S. Dewata