Thanks a lot for your comments, Brandon. Especially since they are
largely positive :). I'm keen to get as much feedback as possible so
that we can make the release as stable as possible.
Brandon Keepers wrote:
...
There isn't an easy way to override which UserDetails implementation
is returned. As it is now, I have to extend
LdapAuthenticationProvider and override createUserDetails. But since
the authenticator and authoritiesPopulator objects are private, I have
to call super.createUserDetails() to get a User object with the
authorities populated, then create whatever object I wish to return.
I don't have a good suggestion for overcomming this. I tried moving
createUserDetails (and authoritiesPopulator) into the
LdapAuthenticator implementation, then just having authenticate()
return a instance of UserDetails, but that didn't feel right either.
Would applying the strategy pattern to create the user details be
overkill?
...
This was pretty much what I intended. It doesn't seem to onerous to have
to call super.createUserDetails() and then manipulate the returned data
as required to create your new object.
One minor comment on the DefaultInitialDirContext: there is no way to
enable the useConnectionPool property, that I could see anyway.
...
This property was in the previous implementation, and I can't really
think of a good reason why anyone would set it to false. At the moment,
the implementation uses connection pooling for anonymous connections or
for those with the "manager" user's identity, but not when binding as a
specific user, so connection pooling isn't actually on or off for
everyone - it depends on the user. Most of the Sun provider's connection
pooling options are set on a "connection identity" basis so it doesn't
seem like a good idea to use pooling for individual users who are only
likely to bind once to log in to the system.
I'll add a setter method to allow disabling all connection pooling. I
guess it might be useful in some cases.
Thanks again for the feedback,
Luke.
--
Luke Taylor. Monkey Machine Ltd.
PGP Key ID: 0x57E9523C http://www.monkeymachine.ltd.uk
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
