Ben, how about start using JIRA for Acegi release/issue management? I could create a project for JIRA in Spring JIRA installation. Would it be appropriate, taking into consideration that Acegi is not the official Spring subproject?
Dmitriy. ----- Original Message ----- From: Ben Alex <[EMAIL PROTECTED]> Date: Sunday, February 20, 2005 7:39 pm Subject: Re: [Acegisecurity-developer] Reducing the number of filters needed in web.xml > Robert r. Sanders wrote: > > > While I don't have a huge amount of spare time, I would be glad > to > > look over any list of tasks you have and see if I could fit any > of > > them in. I tried to look on the sourceforge site and see if > there > > were any bug/feature lists but couldn't find any. > > > Hi Robert > > Given your recent interest in the LDAP module, and its significant > usefulness to the wider community, I think that's good feature to > move > from sandbox to core. Some things that might need doing in that > regard > include checking the forums for past LDAP contributions (to check > the > current LDAP DAO provides equivalent features), a description for > the > reference guide, and a unit test. Re unit testing, the problem is > the > difficulty of needing an LDAP server to respond to the requests. I > see a > few approaches that we could investigate: > > - Expect an LDAP server to be running. A Win32 port of OpenLDAP is > available at http://lucas.bergmans.us/hacks/openldap/. I wouldn't > mind > if it was a prerequisite that the server was already running, with > a > base schema and users already in the directory. In this case we > might > make the LDAP module a separate Maven subproject so that it doesn't > interfere with core's unit tests. > > - Look at Apache Directory Server. Maybe it could be loaded in- > memory > during the test. I haven't looked into it, but this is attractive > being > an all-Java solution. http://incubator.apache.org/directory/ > > - Review Olivier Jolly's LDAP support classes at > http://www.uportal.org/cgi-bin/viewcvs.cgi/cas3/adaptors/ldap/src/. > I > took a look and they seem interesting - probably worth using in our > LDAP > DAO interface anyway just for completeness. Perhaps we could mock > one or > two of the key interfaces and not use an LDAP server at all. > > I'm quite keen on getting this LDAP issue sorted out, so any time > you > could invest in that would be greatly appreciated. Here is the > remainder > of my TODO list (not all of which will be done before 0.8.0 or even > at > all). I am working on the three items marked ***: > > *** Digest authentication (for WebDAV compliance) > http://www.ietf.org/rfc/rfc2069.txt > > *** Anonymous user provider, so there's no need to exclude web URIs > http://forum.springframework.org/viewtopic.php?t=1925 > > *** Remember me functionality > > http://sourceforge.net/mailarchive/forum.php?thread_id=5177499&forum_id=40659 > > http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice > > Chain AuthenticationDao / AuthenticationProvider > (regular forum question) > > Eliminate hard-coded exceptions in AbstractProcessingFilter > (replace with a pluggable resolver that is wired via a property > editor) > Certificate integration > (seems complicated as exchange happens in container-level SSL/TLS > handshake) > > Prevent concurrent logins via a session listener > (committed new WebAuthenticationDetails which stores session ID > in > Authentication) > > JMX of cache hits/misses, password failures, prevent user logins > not > holding certain role > > http://opensource.atlassian.com/confluence/spring/display/DOC/Exposing+your+Beans > > Tiger annotations > (or just wait for Spring to provide guidance on how it will > approach this) > > DB source ObjectDefinitionSource > (or just let Spring do it at container level) > > JOSSO Integration > (good marketing benefit for software developers wanting pluggable > SSO > solutions) > > SecureID Integration > > > Any help appreciated! > > Ben > > > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT Products from real > users.Discover which products truly live up to the hype. Start > reading now. > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > _______________________________________________ > Home: http://acegisecurity.sourceforge.net > Acegisecurity-developer mailing list > Acegisecurity-developer@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer