I don't have a ton of free time either, but count me in Ben... Where can I find some more information on the Certificate Integration?
I'll volunteer for the AbstractProcessingFilter exceptions. We're gonna need Jira, or you're gonna go nuts... -Ray On Sun, 20 Feb 2005 21:20:18 -0500, Scott Battaglia <[EMAIL PROTECTED]> wrote: > Ben, > > Just a note that the official source that Olivier posted for LDAP > support is here: > http://opensource.atlassian.com/projects/spring/browse/SPR-362 > > The one's we're using, which are slightly modified (to include > LdapDaoSupport) are here: > http://www.uportal.org/cgi-bin/viewcvs.cgi/cas3/adaptors/ldap/src/main/java/org/springframework/ldap/ > > I don't believe there are any Test Cases though which could be an issue. > > -Scott > > Ben Alex wrote: > > > Robert r. Sanders wrote: > > > >> While I don't have a huge amount of spare time, I would be glad to > >> look over any list of tasks you have and see if I could fit any of > >> them in. I tried to look on the sourceforge site and see if there > >> were any bug/feature lists but couldn't find any. > >> > > Hi Robert > > > > Given your recent interest in the LDAP module, and its significant > > usefulness to the wider community, I think that's good feature to move > > from sandbox to core. Some things that might need doing in that regard > > include checking the forums for past LDAP contributions (to check the > > current LDAP DAO provides equivalent features), a description for the > > reference guide, and a unit test. Re unit testing, the problem is the > > difficulty of needing an LDAP server to respond to the requests. I see > > a few approaches that we could investigate: > > > > - Expect an LDAP server to be running. A Win32 port of OpenLDAP is > > available at http://lucas.bergmans.us/hacks/openldap/. I wouldn't mind > > if it was a prerequisite that the server was already running, with a > > base schema and users already in the directory. In this case we might > > make the LDAP module a separate Maven subproject so that it doesn't > > interfere with core's unit tests. > > > > - Look at Apache Directory Server. Maybe it could be loaded in-memory > > during the test. I haven't looked into it, but this is attractive > > being an all-Java solution. http://incubator.apache.org/directory/ > > > > - Review Olivier Jolly's LDAP support classes at > > http://www.uportal.org/cgi-bin/viewcvs.cgi/cas3/adaptors/ldap/src/. I > > took a look and they seem interesting - probably worth using in our > > LDAP DAO interface anyway just for completeness. Perhaps we could mock > > one or two of the key interfaces and not use an LDAP server at all. > > > > I'm quite keen on getting this LDAP issue sorted out, so any time you > > could invest in that would be greatly appreciated. Here is the > > remainder of my TODO list (not all of which will be done before 0.8.0 > > or even at all). I am working on the three items marked ***: > > > > *** Digest authentication (for WebDAV compliance) > > http://www.ietf.org/rfc/rfc2069.txt > > > > *** Anonymous user provider, so there's no need to exclude web URIs > > http://forum.springframework.org/viewtopic.php?t=1925 > > > > *** Remember me functionality > > > > http://sourceforge.net/mailarchive/forum.php?thread_id=5177499&forum_id=40659 > > > > > > http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice > > > > > > Chain AuthenticationDao / AuthenticationProvider > > (regular forum question) > > > > Eliminate hard-coded exceptions in AbstractProcessingFilter > > (replace with a pluggable resolver that is wired via a property editor) > > > > Certificate integration > > (seems complicated as exchange happens in container-level SSL/TLS > > handshake) > > > > Prevent concurrent logins via a session listener > > (committed new WebAuthenticationDetails which stores session ID in > > Authentication) > > > > JMX of cache hits/misses, password failures, prevent user logins not > > holding certain role > > > > http://opensource.atlassian.com/confluence/spring/display/DOC/Exposing+your+Beans > > > > > > Tiger annotations > > (or just wait for Spring to provide guidance on how it will approach > > this) > > > > DB source ObjectDefinitionSource > > (or just let Spring do it at container level) > > > > JOSSO Integration > > (good marketing benefit for software developers wanting pluggable SSO > > solutions) > > > > SecureID Integration > > > > > > Any help appreciated! > > > > Ben > > > > > > ------------------------------------------------------- > > SF email is sponsored by - The IT Product Guide > > Read honest & candid reviews on hundreds of IT Products from real users. > > Discover which products truly live up to the hype. Start reading now. > > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > > _______________________________________________ > > Home: http://acegisecurity.sourceforge.net > > Acegisecurity-developer mailing list > > Acegisecurity-developer@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT Products from real users. > Discover which products truly live up to the hype. Start reading now. > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > _______________________________________________ > Home: http://acegisecurity.sourceforge.net > Acegisecurity-developer mailing list > Acegisecurity-developer@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer