> I'd still vote that we keep the following for non-ppolicy use > cases, in addition to the settings below: > > - ldapDateConverter
I don't see the need. ldaptive knows how to compute dates for a a particular directory, and returns a calendar in the AccountState. I'm fairly certain that date parsing/conversion _from_ the directory will need to be in ldaptive. > - datetimeFormatter (This we may be able to remove; Not sure if ldaptive > provides native formatting of date attributes?) I would argue that date formatting is a view-layer concern. ldaptive returns a calendar that could be formatted with the JSTL formatDate tag [1] or similar in the view. That said, there may be some value in handling it lower down in order to generalize warning message handling in CAS. I'll have to play around a bit early next week and see how it goes. > - passwordExpirationDateAttributeName > - accountLockedAttributeName > - accountPasswordMustChangeAttributeName Those are the biggest rub. There's simply nothing equivalent for any directory other than AD. At the least we'll need an AD-specific extension component to hold those. Pretty sure that's going to come in a subsequent step. > Needless to say, I'd be happy > to lend a hand in testing the proposed changeset against AD and report back. We have AD infrastructure here for testing which I plan to leverage, but I would very much appreciate your help once I have a basic fitness test completed. > The PPAction component was removed in favor of the handler, in the sense > that checking policy would be all self-contained inside the handler. I buy that and it's where I'm headed, thank goodness. > So long as the handler is throwing > back the right type of exception, the exception-handler would be able to > alternate the flow. This would lessen configuration, and of course > documentation and troubleshooting. Yes, exactly. Pax, M [1] http://docs.oracle.com/javaee/5/jstl/1.1/docs/tlddocs/fmt/formatDate.html -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
