Oops, I was tired and was mixing versions. Ten thousand apologies!!
I'll see what I can pull together.
-b
On Dec 29, 2005, at 12:00 PM, Matt Raible wrote:
On 12/29/05, Brian Topping <[EMAIL PROTECTED]> wrote:
Hi guys,
I've got Roller set up to authenticate against an LDAP directory, but
as I might have expected, Roller doesn't like users to log in with an
LDAP password before their account has been created. It strikes me
that an autoCreate would be a good thing to have in this instance,
pulling the values that it can from the LDAP directory and saving
them to the database (or abstracting UserManager so that it can read
the small number of properties it needs from LDAP directly).
Dave mentioned on IRC that the Acegi implementation was new, and
after looking through it, I can see that it's not quite fully wired
in yet. CMA is still used with a Tomcat <Realm/> for authentication,
completely sidestepping Acegi.
Why do you say this? It sounds like there might be some cleanup we
need to do. If you build Roller from SVN, there are no longer any
<security-constraint>'s added to web.xml.
It seems if the answer to this
question is "get off CMA", then the idea of abstracting the
UserManager becomes easier to do. If this is a bad time for those
kinds of changes, it would be easier to addUser with values that were
replicated from LDAP.
Acegi is adding support for LDAP Authentication, but I don't know if
it'll be in the 1.0 release.
Matt
I'm also not sure what kind of relational usages there are of the
rolleruser table or whether that table is entirely accessed through
the UserManager. The latter is of course much easier to deal with if
it were to be abstracted to get the data from LDAP.
Any thoughts appreciated!
:b
