Suresh_Babu wrote:
>
> I am developing an EJB application which used LDAP (Netscape Directory
> Server) for Authentication and Authorization. This application allows the
> user to change his personal details which I need to set in LDAP server.
> Apart from this, the application should allow some sort of User
> administration. Now my question is what type of bean will suit my
> requirement?
>
> If I have say LDAPUserBean as SFSB I have a problem with concurrency. What
> if the admin guy changes the privileges when the user is accessing the
> application? I am not sure If I can make this as a BMP.
There is no good solution to your problem at present because LDAP does not have
commit/backout and locking support.
Are you sure that the personal details need to be held in the directory to meet
some specific application requirement? Carefully consider the alternative of
keeping the details in a database before rejecting it because if that can be
done then you can use BMP or CMP.
If the details must be kept in the directory, then use a SLSB to wrapper your
LDAP access. To minimise the risk of corrupting the data when the administrator
changes the user details while the user is in the middle of doing it himself use
an "optimistic locking" approach as shown in the pseudocode below.
-------------------
public class LdapBean implements javax.ejb.SessionBean
{
public Boolean setDetails(UserDetails oldDetails, UserDetails newDetails)
throws...
{
get currentDetails from Directory
if (currentDetails == oldDetails)
{
write newDetails into Directory
return true
}
else
{
return false
}
public UserDetails getDetails(String username) throws...
{
return details from Directory
}
}
-------------------
Note that I haven't tried this - it's merely the way I would go about solving
the problem.
========================================
Ian McCallion
Alexis Systems Limited
Romsey, UK
========================================
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
