Aysegul, I'm considering upgrading to 2.2 and using your patch to get password synchronization working.
I have a question though: do you know if the password credential interceptors are supported when you use LDAP? In particular, I'm looking to use the MaxPasswordAuthenticationFailuresInterceptor implementation of InternalPasswordCredentialInterceptor... thanks, aaron On Mon, Jun 29, 2009 at 7:25 AM, Aysegul Aydin <[email protected]> wrote: > > Hi, > > I implemented the password synchronization for LDAP. I created a JIRA issue > and attached my custom implementation (java source code and configuration > files) to the issue. For those who need the same functionality, please refer > to JIRA issue https://issues.apache.org/jira/browse/JS2-1037 . > > PS. My solution stores the users' passwords in LDAP as well as the database. > So, I use the current password credential storage and access managers to > store and retrieve the passwords to / from the database. My implementation > stores the passwords in LDAP when they are first created or changed. It does > not include password retrieval code from LDAP, since the database access > manager provides that part. My implementation uses a password encoder that > does the password encoding just the same way as LDAP. It's not a good > solution regarding security constraints. But in our environment, LDAP server > and portal server will reside in a LAN, so security is not a big concern. > > Regards, > Aysegul. > > > > ----- Original Message ---- > From: Aysegul Aydin <[email protected]> > To: Jetspeed Users List <[email protected]> > Sent: Friday, June 26, 2009 2:11:16 PM > Subject: Re: LDAP and User Passwords > > > Hi, > > We need this integration so I will be implementing this feature. I took a > look at the current PasswordCredential management source codes. I figured out > that I should implement UserPasswordCredentialAccessManager and > UserPasswordCredentialStorageManager interfaces. Would that be sufficient? > > Regards, > Aysegul. > > > > ----- Original Message ---- > From: Ate Douma <[email protected]> > To: Jetspeed Users List <[email protected]> > Sent: Thursday, June 25, 2009 10:50:09 AM > Subject: Re: LDAP and User Passwords > > Vivek Kumar wrote: >> Hi >> >> You are not missing any thing, The problem is that, we don't have user >> credential handler for Ldap in jetspeed 2.2.0. > True. > Our current users for the LDAP integration haven't had (yet) the need to > create user credetials from Jetspeed and storing it back into LDAP. > >> Please create an jira issue for tracking this problem. > Our available cycles and the priority for this are a little low right now, > but if you can come up with an implementation and provide a JIRA patch, we'd > be happy to incorporate this in Jetspeed! > > Regards, > > Ate > >> >> Vivek >> >> >> Aysegul Aydin wrote: >>> Hi, >>> >>> I'm testing the LDAP integration of JetSpeed 2.2.0 with ApacheDS. I managed >>> to successfully integrate LDAP with JetSpeed. However, I have a problem >>> with user creation. When I create a new user in JetSpeed portal, newly >>> created user's password is not set to LDAP. A new user entry is created in >>> LDAP without a problem but its password attribute is not created. Am I >>> missing something that does this password synchronization? >>> >>> Aysegul Aydin. >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [email protected] >>> For additional commands, e-mail: [email protected] >>> >>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
