Posted to jetspeed-dev@portals.apache.org by Ate Douma <at...@douma.nu> on 2006/10/09 15:24:17 UTC

Re: svn commit: r450369 [1/3] - in /portals/jetspeed-2/trunk: components/security-schema/src/main/schema/ components/security/etc/ components/security/src/java/org/apache/jetspeed/security/spi/impl/ components/security/src/java/org/apache/jetspeed/security...

This patch breaks Jetspeed on Java 1.4 as it uses Java 5 API:
- javax.naming.ldap.LdapName
- javax.naming.directory.SearchResults.getNameInNamespace()

As I need to be able to build trunk on Java 1.4, I'm going to comment out these dependencies
WHICH WILL BREAK THE LDAP support!!!

taylor@apache.org wrote:
> Author: taylor
> Date: Wed Sep 27 00:49:17 2006
> New Revision: 450369
> 
> URL: http://svn.apache.org/viewvc?view=rev&rev=450369
> Log:
> https://issues.apache.org/jira/browse/JS2-491
> Enhance J2 LDAP Security Documentation
> 
> Contribution from Davy De Waele
> There actually isn't any documentation with this patch, so I'm going to leave the issue open
> 
> This patch contains a new implementation for the ldap security module.
> 
> It allows for the LDAP to be configured through a property file (or spring config file) that has the following properties, allowing for an easy LDAP integration with a variety of different vendors.
> 
> # Ldap Configuration.
> 
> org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
> org.apache.jetspeed.ldap.ldapServerName=localhost
> org.apache.jetspeed.ldap.ldapServerPort=10389
> org.apache.jetspeed.ldap.rootDn=uid\=admin\,ou\=system
> org.apache.jetspeed.ldap.rootPassword=secret
> org.apache.jetspeed.ldap.rootContext=o\=sevenSeas
> #org.apache.jetspeed.ldap.defaultDnSuffix=
> #org.apache.jetspeed.ldap.ou.users=people
> #org.apache.jetspeed.ldap.ou.groups=groups
> #org.apache.jetspeed.ldap.ou.roles=roles
> 
> # define the filters needed to search for roles/groups/users
> #org.apache.jetspeed.ldap.RoleFilter=(&(objectclass=ldapsubentry) (objectclass=nsroledefinition))
> org.apache.jetspeed.ldap.RoleFilter=(objectClass=groupOfUniqueNames)
> org.apache.jetspeed.ldap.GroupFilter=(objectclass=organization)
> org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)
> 
> 
> org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
> 
> # define the way role membership occurs for a user
> # if RoleMembershipAttributes is used, membership attr will be stored on role
> # if UserRoleMembershipAttributes is used, membership attr will be stored on user
> org.apache.jetspeed.ldap.RoleMembershipAttributes=member
> org.apache.jetspeed.ldap.UserRoleMembershipAttributes=
> 
> # define the way group membership occurs for a user
> # if GroupMembershipAttributes is used, membership attr will be stored on group
> # if UserGroupMembershipAttributes is used, membership attr will be stored on user
> org.apache.jetspeed.ldap.GroupMembershipAttributes=
> org.apache.jetspeed.ldap.UserGroupMembershipAttributes=uniqueMember
> 
> # define the way group membership occurs for a role
> # if GroupMembershipAttributes is used, membership attr will be stored on group
> # if UserGroupMembershipAttributes is used, membership attr will be stored on user
> org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=uniqueMember
> org.apache.jetspeed.ldap.RoleGroupMembershipAttributes=
> 
> # define the default search base. (=rootContext)
> org.apache.jetspeed.ldap.DefaultSearchBase=o\=sevenSeas
> 
> # define the path to roles,groups and users
> # needs to be defined without the defaultsearchbase
> org.apache.jetspeed.ldap.RoleFilterBase=ou\=Roles\,ou\=OrgUnit1
> org.apache.jetspeed.ldap.GroupFilterBase=ou\=Groups\,ou\=OrgUnit1
> org.apache.jetspeed.ldap.UserFilterBase=ou\=People\,ou\=OrgUnit1
> 
> org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfUniqueNames
> org.apache.jetspeed.ldap.GroupObjectClasses=top\,organization
> org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
> 
> # define the ID attribute used to search roles/groups/users
> org.apache.jetspeed.ldap.RoleIdAttribute=cn
> org.apache.jetspeed.ldap.GroupIdAttribute=cn
> org.apache.jetspeed.ldap.UserIdAttribute=uid
> 
> As you can see, filters and objectClasses can now be configured, and no jetspeed specific object classes or attributes need to be used.
> 
> The provided config files in the patch (components/security/src/test/JETSPEED-INF/directory/config) have been tested on apacheds, openldap and sunds
> 
> Added:
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMembershipDao.java
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/company1.ldif
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/ldap.properties
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi-atz.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi-ldap-atn.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi-ldap.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/company1.ldif
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/ldap.properties
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi-atz.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi-ldap-atn.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi-ldap.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/company1.ldif
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/ldap.properties
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/security-spi-atz.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/security-spi-ldap-atn.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/security-spi-ldap.xml
>     portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/security-spi.xml
>     portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapRoleSecurityHandler.java
> Modified:
>     portals/jetspeed-2/trunk/components/security-schema/src/main/schema/jetspeed.schema
>     portals/jetspeed-2/trunk/components/security/etc/security-spi-ldap.xml
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java
>     portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserPrincipalDaoImpl.java
>     portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/spi/ldap/AbstractLdapTest.java
>     portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapGroupSecurityHandler.java
>     portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapSecurityMappingHandler.java
>     portals/jetspeed-2/trunk/etc/apacheds/apacheds-server.xml
>     portals/jetspeed-2/trunk/maven-plugin/plugin.jelly
> 
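
The quoted properties define the authentication filter as a template containing a %u placeholder. The following is an added example, not code from the Jetspeed patch or from either author: it assumes %u is replaced by the login name supplied at sign-in, and shows that substitution done with RFC 4515 escaping so the value cannot change the structure of the filter. The class and method names (LdapFilterTemplate, escapeFilterValue, expand) are hypothetical.

```java
public class LdapFilterTemplate {

    // Filter template as it appears in the quoted ldap.properties
    // (value of org.apache.jetspeed.ldap.UserAuthenticationFiler).
    static final String TEMPLATE = "(&(uid=%u)(objectclass=inetorgperson))";

    /** Escape a value for use inside an LDAP search filter (RFC 4515, section 3). */
    static String escapeFilterValue(String value) {
        StringBuilder out = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\': out.append("\\5c"); break; // escape character itself
                case '*':  out.append("\\2a"); break; // wildcard
                case '(':  out.append("\\28"); break; // opens a sub-filter
                case ')':  out.append("\\29"); break; // closes a sub-filter
                case '\0': out.append("\\00"); break; // NUL
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    /**
     * Expand the template for one login attempt.
     * Assumption: %u stands for the user-supplied login name; the page does
     * not state how the placeholder is interpreted.
     */
    static String expand(String template, String userName) {
        if (userName == null || userName.length() == 0) {
            throw new IllegalArgumentException("empty user name");
        }
        // String.replace(CharSequence, CharSequence) is a literal replacement,
        // so '$' and '\' in the escaped value are not treated as regex syntax.
        return template.replace("%u", escapeFilterValue(userName));
    }

    public static void main(String[] args) {
        // Constructed sample inputs: a plain name and names containing filter metacharacters.
        String[] samples = { "jsmith", "j*", "x)(uid=*", "a\\b" };
        for (String s : samples) {
            System.out.println(s + " -> " + expand(TEMPLATE, s));
        }
    }
}
```

JNDI's DirContext.search overload that takes a filter expression with {0}-style placeholders and an Object[] of arguments applies this escaping to string arguments itself, which avoids hand-built filter strings altogether.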
