On 12/29/05, Brian Topping <[EMAIL PROTECTED]> wrote: > Hi guys, > > I've got Roller set up to authenticate against an LDAP directory, but > as I might have expected, Roller doesn't like users to log in with an > LDAP password before their account has been created. It strikes me > that an autoCreate would be a good thing to have in this instance, > pulling the values that it can from the LDAP directory and saving > them to the database (or abstracting UserManager so that it can read > the small number of properties it needs from LDAP directly). > > Dave mentioned on IRC that the Acegi implementation was new, and > after looking through it, I can see that it's not quite fully wired > in yet. CMA is still used with a Tomcat <Realm/> for authentication, > completely sidestepping Acegi.
Why do you say this? It sounds like there might be some cleanup we need to do. If you build Roller from SVN, there are no longer any <security-constraint>'s added to web.xml. > It seems if the answer to this > question is "get off CMA", then the idea of abstracting the > UserManager becomes easier to do. If this is a bad time for those > kinds of changes, it would be easier to addUser with values that were > replicated from LDAP. Acegi is adding support for LDAP Authentication, but I don't know if it'll be in the 1.0 release. Matt > > I'm also not sure what kind of relational usages there are of the > rolleruser table or whether that table is entirely accessed through > the UserManager. The latter is of course much easier to deal with if > it were to be abstracted to get the data from LDAP. > > Any thoughts appreciated! > > :b >
