Re: [Acegisecurity-developer] LDAP PasswordDao

[Robert r. Sanders]

Right now my first goal is to make the LDAP support more flexible.  For 
instance, we have users stored as ou=Users,dc=ipov,dc=info   but user's 
don't have a group/role association, instead we have a   
ou=Groups,dc=ipov,dc=info  where groups are defined with each group 
containing a list of the users it contains.  I think a little more code 
should do the trick.  Once I have this done I will send it in, then I 
will try and take a look at the other stuff.  I am not an LDAP/JNDI 
guru, but I have done a little with it before, and don't mind doing a 
little more.

I think that the LDAP support files are under Apache v2. It would be 
nice to give them a home; I will see if I can figure out how to unit 
test them - the Spring JNDI stuff ought to give me some hints. 

Ben Alex wrote:
Scott Battaglia wrote:
Robert,
There's an official JIRA issue in Spring for the LDAP support. Not 
sure what's going to happen with it though. I'd like to see it in 
Spring though ;-)

We have a duplicate of them in the CAS CVS tree only because they 
aren't in the Spring CVS tree anywhere and we made a few minor 
modifications.  I'd rather they weren't there though.

Scott, what license was the contributed LDAP code provided under?
I didn't realise there weren't unit tests for the LDAP support classes 
when I wrote my original email mentioning them. Making a copy of the 
classes into the Acegi Security CVS is unattractive without unit 
tests, as we need to keep coverage as close to 100% as practical. 
Whilst we could write unit tests for these classes, it seems a big 
scope blow-out when our original goal was to simply get coverage for 
our own LDAP DAO implementation.

It's up to you Robert how to approach this, as you've been good enough 
to donate your time. If you wish to put these LDAP support classes 
into CVS, do you have time to write some tests for them? If so we 
could easily make it a Maven subproject with its own JAR 
(acegi-security-ldap-0.8.0.jar) and that would probably give a nice 
solution for the wider Spring Community until the code was absorbed 
into Spring proper. Or would that same time be more effectively spent 
just focusing on our LDAP DAO, and maybe using some in-memory LDAP 
server (eg Apache DS) or mock?

Best regards
Ben
--
   Robert r. Sanders
   Chief Technologist
   iPOV
   (334) 821-5412
   www.ipov.net

-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer