portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ate Douma <...@douma.nu>
Subject Re: [jira] Updated: (JS2-491) Enhance J2 LDAP Security Documentation
Date Sun, 12 Nov 2006 17:20:27 GMT
Aaron Evans wrote:
> Guys,
> will Davy's LDAP stuff still work?  I thought maybe it was broken
> since there were Java 1.5 specific things in it and Ate had to comment
> them out when he applied a patch for JS2-491.
Davy provided new patches which are Java 1.4 compliant and I'm in the process of reviewing
and testing them (see JS2-491).
I hope to commit his changes this evening or else sometime next week the latest.
I have some problems with ApacheDS 1.0.0 though: they changed their packaging (only maven-2
now), which makes it difficult/impossible for easy embedding it in 
Jetspeed-2.
And I can't find *any* documentation on the ApacheDS site(s) about embedding it in an application
:(
The completeness of their documentation is equal if not less to ours...

Ate
> 
> Or are these things completely unrelated?
> 
> See svn commit: r454376 (search the archives for r454376):
> 
>> JS2-491 patch breaks Jetspeed trunk as it cannot compile/run anymore
> on Java 1.4.
>> Fixing Java 5 dependencies by (temporarily) commenting out the related 
>> code.
>> THIS BREAKS THE CURRENT LDAP support!!!
> 
> -aaron
> 
> On 11/11/06, Davy De Waele (JIRA) <jetspeed-dev@portals.apache.org> wrote:
>>      [ http://issues.apache.org/jira/browse/JS2-491?page=all ]
>>
>> Davy De Waele updated JS2-491:
>> ------------------------------
>>
>>     Attachment: jetspeed LDAP.doc
>>
>> I've also written up some documentation describing the new LDAP 
>> configuration, and the properties in security-spi-ldap.xml.
>>
>> Sorry for the MS Word format... Efforts are on the way to convert it 
>> into xdoc format
>>
>> If you have any problems or questions, don't hesitate to contact me.
>>
>> > Enhance J2 LDAP Security Documentation
>> > --------------------------------------
>> >
>> >                 Key: JS2-491
>> >                 URL: http://issues.apache.org/jira/browse/JS2-491
>> >             Project: Jetspeed 2
>> >          Issue Type: Improvement
>> >          Components: Security
>> >    Affects Versions: 2.1-dev
>> >            Reporter: David Le Strat
>> >             Fix For: 2.1-dev
>> >
>> >         Attachments: jetspeed LDAP.doc, jetspeed-ldap-final.patch, 
>> jetspeed2-ldap-11102006.patch, ldap_patch_with_jdk_fix.patch
>> >
>> >
>> > From Davy De Waele email to the list:
>> > Judging from the recent activity on the mailing list I noticed some
>> > interest in using LDAP & Jetspeed
>> > Some thoughts come to mind:
>> > 1. The instructions located at
>> > 
>> http://portals.apache.org/jetspeed-2/multiproject/jetspeed-security/ldap
>> > .html are really only applicable for people who are building jetspeed
>> > from source.
>> > Due to the fact that the security-spi-ldap*.xml files shown there are
>> > coming from SVN (interface changes, additional objects in the
>> > configuration files that are not in the 2.0 binary release), users who
>> > have installed jetspeed2 via the installer attempting to follow these
>> > instructions will run into configuration issues.
>> > What would be the best way to address this?
>> > I think we should make a difference between users who are familiar with
>> > Maven, SVN, compiling/building/deploying, and users who just want to
>> > get
>> > the thing up & running using the installer.
>> > Shouldn't we put this information into perspective by:
>> > a) Clearly indicating that this is only intended for people building
>> > from source
>> > b) Provide an additional manual on what needs to be done starting from
>> > a
>> > binary release (2.0 version)
>> >
>> > The user would have to
>> >           * copy the security-spi-ldap*.xml files (we provide
>> > downloadable spring XML files acting as examples)
>> >           * remove their default security-spi-atn.xml
>> >           * restart tomcat
>> >           * preparing their LDAP server
>> > As far as LDAP support goes, we should provide instructions on how
>> > existing LDAP servers can be used with jetspeed. We can also provide
>> > downloadable schema files & LDIF sample data for all major vendors +
>> > documentation)
>> > I could provide such manuals for OpenLDAP,SunDS and ApacheDS.
>> > 2. The major problem that users will be facing today is that encrypted
>> > passwords are not supported in the jetspeed2.0 release. Given that this
>> > functionality has been committed to the codebase, how do you feel
>> > towards providing a downloadable JAR file to users that would act as a
>> > replacement for their current jetspeed-security-2.0.jar - doesn't have
>> > to be anything official, could be included as a link in the
>> > documentation)
>> > The user would have to
>> >          * replace his jetspeed-security-2.0.jar
>> >          * restart tomcat
>> > The user would have support for encrypted passwords and group/role
>> > membership via LDAP.
>> > 3. OpenLDAP schema file
>> > I had to add groupOfUniqueNames as a parent to the jetspeed-2-group and
>> > jetspeed-2-role objectClasses in order for the group/role assignment to
>> > work in OpenLDAP.
>> > ApacheDS doesn't really care when objects are created in the LDAP tree
>> > containing attributes that aren't defined in the LDAP schema. OpenLDAP
>> > does :) I've attached the new jetspeed.schema file.
>>
>> -- 
>> This message is automatically generated by JIRA.
>> -
>> If you think it was sent incorrectly contact one of the 
>> administrators: http://issues.apache.org/jira/secure/Administrators.jspa
>> -
>> For more information on JIRA, see: http://www.atlassian.com/software/jira
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
>> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>>
>>
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message