[jira] Commented: (OFBIZ-811) Authentication using LDAP

Sat, 14 Jul 2007 06:59:26 -0700 

    [ 
https://issues.apache.org/jira/browse/OFBIZ-811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12512715
 ] 

Torsten Schlabach commented on OFBIZ-811:
-----------------------------------------

Adrian,

I would be willing to help resolving this issue, but I don't quite get what you 
mean here:

> 2. Put the LDAP authentication code in its own .java file. Then have 
> LoginServices call the authentication code if 
> the installation has been configured for LDAP. In other words, reduce the 
> LoginServices.java modification to a 
> simple if () statement that calls code in another file. 

I'd say the userLogin method in LoginServices.java is pretty monolithic now and 
not at all prepared for any kind of pluggable authentication / password 
checking services whatever. IIUC the (pretty long) userLogin method mixes all 
kind of generic authentication with authentication backend specific stuff, 
which does not exactly makes this easy.

Well, maybe I don't know enough about how services interact in OFBiz, but any 
pointers would be welcome.

Regards,
Torsten


> Authentication using LDAP
> -------------------------
>
>                 Key: OFBIZ-811
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-811
>             Project: OFBiz
>          Issue Type: New Feature
>          Components: framework
>         Environment: all
>            Reporter: Mohamed Amine AZZI
>            Assignee: Si Chen
>            Priority: Trivial
>         Attachments: ldap_properties.patch, LoginServices.java.diff, 
> security.properties.diff
>
>
> this feature, would enable Ofbiz users to authenticate their users using an 
> LDAP. I developed that change in response to a customer request who wanted 
> his employees to use the same passwords they use when openning a windows 
> session.
> the solution was to recreate the same usernames in the Party manager with an 
> unused password. and redirect the authentication to the LDAP when needed. The 
> choice is made in the security.properties file. all parameters needed to 
> connect to the LDAP are there also.
> After authentication all authorizations are taken out from the Party manager. 
>  This would give the same feature used by SharePoint, which is called cross 
> privileges
> the change is minor as you would see, but very helpfull for people needing 
> the same feature.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to