Hi, Now I know, how I can let Continuum only use My implementation (deleted the JDO-UsermanagerProvider.jar).
But I have other problems: 1. My LDAP-User has no Authorisation (At the moment, I fixed it by manually db-insert) 2. I could not give my user any new assignments in Web-Front Effective Roles: shows all roles Assigned Roles: shows all assigned roles Available Roles: shows "No Roles Available to Grant" although there are not assigned roles. greetz David David Goemans schrieb: > I tried to implement my Class LdapUserManager without extending > JdoUserManager. > > But there are some problems: > > I set the hint of my implementation on ldap and changed the Requirements > of the classes which use a UserManager on my Implementation (hint=ldap). > But the only class I found where > "org.apache.maven.continuum.web.action.ProjectGroupAction", but I think > there must be classes in the Plexus Security (But I don't know how to > change them)! > > After that I tried to give my Implementation the hint jdo (I know it is > a dirty hack). Know Continuum uses sometimes my implementation and the > default jdo-implementation. > > -David > > Joakim Erdfelt schrieb: >> Some problems here. >> >> You can't extend JdoUserManager. >> That won't work. >> >> If you need multiple sources for Users, then that is a feature we need >> to add to the security framework. >> We already do this with the Authorization bits. I see no reason we >> can't do that for the Authentication bits too. >> >> Again, Use the maven 2 build process. >> Look at the annotations within the code. >> The 'role-hint' is the key. >> Your LDAP code will have it's own unique role-hint. >> >> Do *NOT* manage the components.xml by hand. >> >> - Joakim >> >> David Goemans wrote: >>> Hi, >>> >>> at first thanks for your help. I want to write a UserManager, which >>> extends the JdoUserManager and only search in LDAP if the user isn't >>> saved in Database. >>> >>> But my first problem is that I don't understand, how continuum knows >>> that it should use my UserManager-implementation. >>> >>> - David >>> >>> Joakim Erdfelt schrieb: >>> >>>> There are 3 database stores for you to worry about. >>>> >>>> Users >>>> Roles / Permissions / Resouces >>>> Keys >>>> >>>> If you are just providing Users / Authentication ldap integration, then >>>> you need only to create an LDAP Provider for the Users Store. >>>> >>>> Use the maven 2 build process and you don't have to manage the >>>> components.xml manually, as the maven 2 build process creates them from >>>> annotations within the source code. >>>> >>>> See the examples in source control - >>>> https://svn.codehaus.org/plexus/plexus-redback/branches/plexus-security-1.0-alpha-11/user-management/providers/ >>>> >>>> - Joakim >>>> >>>> David Goemans wrote: >>>> >>>>> yes I am willing to share this implementation. But I didn't write a >>>>> implementation now (only a dummy). At the moment I only want to know >>>>> how to configure it in the component.xml-File. Then I will try to write >>>>> a LDAP-implementation. >>>>> >>>>> greetz >>>>> David >>>>> >>>>> Joakim Erdfelt schrieb: >>>>> >>>>> >>>>>> Would you be willing to share this implementation? >>>>>> As we would all be interested in getting access to this? >>>>>> >>>>>> - Joakim Erdfelt >>>>>> >>>>>> David Goemans wrote: >>>>>> >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> I want to use LDAP to authenticate on Continuum. I tried to write a own >>>>>>> RBAC-Manager and wanted to configure it in the file "components.xml" of >>>>>>> the subproject continuum-security as follow: >>>>>>> >>>>>>> <!-- RBAC Manager, cached ldap --> >>>>>>> <component> >>>>>>> <role>org.codehaus.plexus.security.rbac.RBACManager</role> >>>>>>> <role-hint>cached</role-hint> >>>>>>> <implementation>org.codehaus.plexus.security.authorization.rbac.store.cached.CachedRbacManager</implementation> >>>>>>> <description>CachedRbacManager is a wrapped RBACManager with >>>>>>> caching.</description> >>>>>>> <requirements> >>>>>>> <requirement> >>>>>>> <role>org.codehaus.plexus.security.rbac.RBACManager</role> >>>>>>> <role-hint>ldap</role-hint> >>>>>>> <field-name>rbacImpl</field-name> >>>>>>> </requirement> >>>>>>> <requirement> >>>>>>> <role>org.codehaus.plexus.ehcache.EhcacheComponent</role> >>>>>>> <role-hint>operations</role-hint> >>>>>>> <field-name>operationsCache</field-name> >>>>>>> </requirement> >>>>>>> <requirement> >>>>>>> <role>org.codehaus.plexus.ehcache.EhcacheComponent</role> >>>>>>> <role-hint>permissions</role-hint> >>>>>>> <field-name>permissionsCache</field-name> >>>>>>> </requirement> >>>>>>> <requirement> >>>>>>> <role>org.codehaus.plexus.ehcache.EhcacheComponent</role> >>>>>>> <role-hint>resources</role-hint> >>>>>>> <field-name>resourcesCache</field-name> >>>>>>> </requirement> >>>>>>> <requirement> >>>>>>> <role>org.codehaus.plexus.ehcache.EhcacheComponent</role> >>>>>>> <role-hint>roles</role-hint> >>>>>>> <field-name>rolesCache</field-name> >>>>>>> </requirement> >>>>>>> <requirement> >>>>>>> <role>org.codehaus.plexus.ehcache.EhcacheComponent</role> >>>>>>> <role-hint>userAssignments</role-hint> >>>>>>> <field-name>userAssignmentsCache</field-name> >>>>>>> </requirement> >>>>>>> <requirement> >>>>>>> <role>org.codehaus.plexus.ehcache.EhcacheComponent</role> >>>>>>> <role-hint>userPermissions</role-hint> >>>>>>> <field-name>userPermissionsCache</field-name> >>>>>>> </requirement> >>>>>>> </requirements> >>>>>>> </component> >>>>>>> >>>>>>> <component> >>>>>>> <role>org.codehaus.plexus.security.rbac.RBACManager</role> >>>>>>> <role-hint>ldap</role-hint> >>>>>>> <implementation>"my implementation"</implementation> >>>>>>> <description>JdoRbacManager:</description> >>>>>>> <requirements> >>>>>>> <requirement> >>>>>>> <role> >>>>>>> org.codehaus.plexus.security.authorization.rbac.store.jdo.JdoTool >>>>>>> </role> >>>>>>> <field-name>jdo</field-name> >>>>>>> </requirement> >>>>>>> </requirements> >>>>>>> </component> >>>>>>> <component> >>>>>>> <role> >>>>>>> org.codehaus.plexus.security.authorization.rbac.store.jdo.JdoTool >>>>>>> </role> >>>>>>> <implementation> >>>>>>> org.codehaus.plexus.security.authorization.rbac.store.jdo.JdoTool >>>>>>> </implementation> >>>>>>> <description>JdoTool - RBAC JDO Tools.</description> >>>>>>> <requirements> >>>>>>> <requirement> >>>>>>> <role>org.codehaus.plexus.jdo.JdoFactory</role> >>>>>>> <role-hint>users</role-hint> >>>>>>> <field-name>jdoFactory</field-name> >>>>>>> </requirement> >>>>>>> </requirements> >>>>>>> </component> >>>>>>> >>>>>>> The continuum uses now my implementation, but no roles, permissions, etc >>>>>>> are defined. How can I configure the continuum roles, permissions, etc >>>>>>> in the components.xml-file. >>>>>>> >>>>>>> My implementation extends the >>>>>>> "org.codehaus.plexus.security.authorization.rbac.store.jdo.JdoRbacManager", >>>>>>> because I only want to authenticate on LDAP if the user isn't saved in >>>>>>> the Database. >>>>>>> >>>>>>> greetz >>>>>>> David >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>> >>>>> >>>> >>> >> >
