Yeah that'd be good too. LDAP should be possible... Currently there's no way to configure other fields than username and password, but that should be ok for LDAP.

You'll need to make a JAAS config file for your particular LDAP configuration, and in the AuthenticationServlet make it able to map a user's LDAP to their wave ID. That will require a change to AuthenticationServlet.getLoggedInUser() to also respond to LdapPrincipal. We'll probably also need another change so that if the authentication module correctly authenticates a user, the account data will be created automatically. Maybe add a 'boolean createIfNeeded' argument to SessionManager.setLoggedInUser(session, loggedInAddress). You can implement that in SessionManagerImpl by calling accountStore.putAccount(new HumanAccountDataImpl(id)).

You're more than welcome to have a stab at it. I'm happy to help; and send code reviews my way if you get something working.

An admin panel would be good too - What kind of stuff would we want in that? I guess a change password thing, and we should let users set their profile pictures and stuff. ... Yeah... that'd be nice too.

-J

On Sun, Oct 24, 2010 at 12:13 PM, James Purser <[email protected]> wrote:
> I think a better idea would be to set up an auth layer that people can then
> write plugins for.
> Also, we're getting to the point where we are going to need an Admin panel
> of some sort. With the user rego, robot auth and so on we're going to need
> to start tying everything together.
> James
>
> On Sun, Oct 24, 2010 at 12:08 PM, Perry Smith <[email protected]> wrote:
>>
>> Is it way too soon to hook up an LDAP authentication? I'd like to take a
>> whack at that if it seems appropriate. I might should do something smaller
>> first though.
>>
>> On Oct 23, 2010, at 7:35 PM, Joseph Gentle wrote:
>>
>> > That's working as intended :(
>> >
>> > I only made FakePermissiveAccountStore because at the time we didn't
>> > have the registration servlet, so you couldn't actually register
>> > users. I'd like to remove it, but the other developers don't want to
>> > have to register users when they're testing their code changes. I
>> > think they're big wusses, and they should just install mongodb and use
>> > the persistent user store.
>> >
>> > Fedone is configured to work with mongodb's default configuration. You
>> > should just be able to install & run mongodb, and if you tell fedone
>> > to use it, everything will magically work.
>> >
>> > Alternately, we could make the in-memory user store the default user
>> > store. If you want persistent users, you can just switch it across.
>> > (Or I can add a tiny curl script which registers a couple test
>> > users... or....)
>> >
>> > But yeah; sorry about the confusing behaviour.
>> >
>> > -J
>> >
>> >
>> > On Sun, Oct 24, 2010 at 10:35 AM, Vega <[email protected]> wrote:
>> >> It seems like there's a bug with FakePermissiveAccountStore at line 45:
>> >> account = new HumanAccountDataImpl(id, new
>> >> PasswordDigest("".toCharArray()));
>> >> It assigns the new value to account, but then in the
>> >> UserRegistrationServlet there's the following test:
>> >> if (accountStore.getAccount(id) != null) {
>> >> return "Account already exists";
>> >> }
>> >> So, basically, it always returns the error message
>> >>
>> >> On Oct 24, 12:40 am, Joseph Gentle <[email protected]> wrote:
>> >>> With the fake user store, you don't need to register users. You can
>> >>> just log in as any user, with a blank password.
>> >>>
>> >>> Also, with both the login page and the registration page, you can just
>> >>> type in the username (without the @domain) and the domain suffix will
>> >>> be added automatically.
>> >>>
>> >>> Sorry those pages are confusing. People on this list are working on
>> >>> making them pretty.
>> >>>
>> >>> -J
>> >>>
>> >>> On Sun, Oct 24, 2010 at 9:22 AM, Lennard de Rijk
>> >>> <[email protected]> wrote:
>> >>>
>> >>>> Hi,
>> >>>> The GWT error messages can be safely ignored (as long as in the end
>> >>>> it still
>> >>>> says that compiling permutations succeeded :)). Can you set
>> >>>> the ACCOUNT_STORE_TYPE to memory? The fake user store doesn't allow
>> >>>> you to
>> >>>> register anything and is currently still a default as we are working
>> >>>> on the
>> >>>> user storage.
>> >>>> Greetings,
>> >>>> Lennard
>> >>>
>> >>>> On Sat, Oct 23, 2010 at 8:07 AM, pedz <[email protected]> wrote:
>> >>>
>> >>>>> I made these changes:
>> >>>
>> >>>>> WAVE_SERVER_DOMAIN_NAME=`hostname | tr 'A-Z' 'a-z'`
>> >>>>> WAVE_SERVER_HOSTNAME=`hostname | tr 'A-Z' 'a-z'`
>> >>>>> WEBSOCKET_SERVER_HOSTNAME=`hostname | tr 'A-Z' 'a-z'`
>> >>>
>> >>>>> Now, when I try to log in it says forbidden and when I try to create
>> >>>>> an account (no matter what name) it says it already exists. So...
>> >>>>> that didn't help any.
>> >>>
>> >>>>> On Oct 23, 9:57 am, pedz <[email protected]> wrote:
>> >>>>>> I'm on Mac OS X 10.6. When I do "java -version" I get back:
>> >>>>>> Java(TM) SE Runtime Environment (build 1.6.0_22-b04-307-10M3261)
>> >>>>>> Java HotSpot(TM) 64-Bit Server VM (build 17.1-b03-307, mixed mode)
>> >>>
>> >>>>>> so I'm running 1.6. During the build process, when I did ant
>> >>>>>> compile_gwt, I got some warnings and a pocket full of errors but
>> >>>>>> the
>> >>>>>> build said it completed successfully. Here are the ERROR messages:
>> >>>
>> >>>>>> [java] [ERROR] Errors in
>> >>>>>> 'jar:file:/Users/lroot/Source/Wave/
>> >>>>>>
>> >>>>>> wave-protocol/third_party/runtime/wave-libraries/model-src.jar!/org/
>> >>>>>> waveprotocol/wave/model/testing/ExtraAsserts.java'
>> >>>>>> [java] [ERROR] Line 44: No source code is available
>> >>>>>> for
>> >>>>>> type junit.framework.Assert; did you forget to inherit a required
>> >>>>>> module?
>> >>>>>> [java] [ERROR] Errors in
>> >>>>>> 'jar:file:/Users/lroot/Source/Wave/
>> >>>>>>
>> >>>>>> wave-protocol/third_party/runtime/wave-libraries/model-src.jar!/org/
>> >>>>>> waveprotocol/wave/model/testing/GenericGWTTestBase.java'
>> >>>>>> [java] [ERROR] Line 36: No source code is available
>> >>>>>> for
>> >>>>>> type com.google.gwt.junit.client.GWTTestCase; did you forget to
>> >>>>>> inherit a required module?
>> >>>>>> [java] [ERROR] Errors in
>> >>>>>> 'jar:file:/Users/lroot/Source/Wave/
>> >>>>>>
>> >>>>>> wave-protocol/third_party/runtime/wave-libraries/model-src.jar!/org/
>> >>>>>> waveprotocol/wave/model/testing/StoreArgumentAction.java'
>> >>>>>> [java] [ERROR] Line 21: The import org.jmock cannot
>> >>>>>> be
>> >>>>>> resolved
>> >>>>>> [java] [ERROR] Line 22: The import org.jmock cannot
>> >>>>>> be
>> >>>>>> resolved
>> >>>>>> [java] [ERROR] Line 37: Action cannot be resolved to
>> >>>>>> a
>> >>>>>> type
>> >>>>>> [java] [ERROR] Line 66: Invocation cannot be resolved
>> >>>>>> to
>> >>>>>> a type
>> >>>>>> [java] [ERROR] Line 71: Action cannot be resolved to
>> >>>>>> a
>> >>>>>> type
>> >>>>>> [java] [ERROR] Errors in
>> >>>>>> 'jar:file:/Users/lroot/Source/Wave/
>> >>>>>>
>> >>>>>> wave-protocol/third_party/runtime/wave-libraries/model-src.jar!/org/
>> >>>>>> waveprotocol/wave/model/testing/GenericTestBase.java'
>> >>>>>> [java] [ERROR] Line 29: No source code is available
>> >>>>>> for
>> >>>>>> type junit.framework.TestCase; did you forget to inherit a required
>> >>>>>> module?
>> >>>>>> [java] [ERROR] Errors in
>> >>>>>> 'jar:file:/Users/lroot/Source/Wave/
>> >>>>>>
>> >>>>>> wave-protocol/third_party/runtime/wave-libraries/model-src.jar!/org/
>> >>>>>> waveprotocol/wave/model/testing/OpMatchers.java'
>> >>>>>> [java] [ERROR] Line 41: No source code is available
>> >>>>>> for
>> >>>>>> type org.hamcrest.Matcher<T>; did you forget to inherit a required
>> >>>>>> module?
>> >>>>>> [java] [ERROR] Line 42: No source code is available
>> >>>>>> for
>> >>>>>> type org.hamcrest.BaseMatcher<T>; did you forget to inherit a
>> >>>>>> required
>> >>>>>> module?
>> >>>>>> [java] [ERROR] Line 49: No source code is available
>> >>>>>> for
>> >>>>>> type org.hamcrest.Description; did you forget to inherit a required
>> >>>>>> module?
>> >>>>>> [java] [ERROR] Line 57: No source code is available
>> >>>>>> for
>> >>>>>> type org.hamcrest.TypeSafeMatcher<T>; did you forget to inherit a
>> >>>>>> required module?
>> >>>>>> [java] [ERROR] Errors in
>> >>>>>> 'jar:file:/Users/lroot/Source/Wave/
>> >>>>>>
>> >>>>>> wave-protocol/third_party/runtime/wave-libraries/model-src.jar!/org/
>> >>>>>> waveprotocol/wave/model/testing/Response.java'
>> >>>>>> [java] [ERROR] Line 89: No source code is available
>> >>>>>> for
>> >>>>>> type org.mockito.stubbing.Answer<T>; did you forget to inherit a
>> >>>>>> required module?
>> >>>>>> [java] [ERROR] Line 97: No source code is available
>> >>>>>> for
>> >>>>>> type org.mockito.invocation.InvocationOnMock; did you forget to
>> >>>>>> inherit a required module?
>> >>>
>> >>>>>> Oh, one small boo boo I found. The instructions say to do:
>> >>>
>> >>>>>> cp run-config-nofed.sh run-config.sh
>> >>>
>> >>>>>> but the sample is actually called run-nofed-config.sh
>> >>>
>> >>>>>> I did not make any changes to the config file. It all looks "sane"
>> >>>>>> to
>> >>>>>> me. I started the server and browsed to the local port. I was
>> >>>>>> redirected to:
>> >>>
>> >>>>>> http://localhost:9898/auth/signin?r=/
>> >>>
>> >>>>>> I hit the register new account link, typed in a name (like "foo"
>> >>>>>> without quotes) and password and hit submit and it says:
>> >>>
>> >>>>>> You can only create users at the Happy.local domain
>> >>>
>> >>>>>> Happy is my local host name.
>> >>>
>> >>>>>> The debug to the last request coming to the console is:
>> >>>
>> >>>>>> 2010-10-23 09:54:42.766:DBUG::REQUEST /auth/register on
>> >>>>>> org.eclipse.jetty.server.nio.selectchannelconnecto...@427ab40c
>> >>>>>> 2010-10-23
>> >>>
>> >>>>>>
>> >>>>>> 09:54:42.777:DBUG::sessionManager=org.eclipse.jetty.server.session.HashSess
>> >>>>>> ionmana...@3ddcc4cd
>> >>>>>> 2010-10-23 09:54:42.777:DBUG::session=null
>> >>>>>> 2010-10-23
>> >>>
>> >>>>>>
>> >>>>>> 09:54:42.778:DBUG::servlet=org.waveprotocol.box.server.rpc.UserRegistration
>> >>>>>> Servlet-2043289758
>> >>>>>> 2010-10-23 09:54:42.778:DBUG::servlet holder=
>> >>>>>> org.waveprotocol.box.server.rpc.UserRegistrationServlet-2043289758
>> >>>>>> 2010-10-23 09:54:42.778:DBUG::chain= null
>> >>>>>> 2010-10-23 09:54:42.782:DBUG::RESPONSE /auth/register 403
>> >>>
>> >>>>>> (don't seem particularly useful but I thought I'd post it). I'm
>> >>>>>> going
>> >>>>>> to tinker and try to remove the capital from the H of Happy. I'm
>> >>>>>> wondering if maybe that's the glitch.
>> >>>
>> >>>>>> Any other suggestions?
>> >>>
>> >>>>> --
>> >>>>> You received this message because you are subscribed to the Google
>> >>>>> Groups
>> >>>>> "Wave Protocol" group.
>> >>>>> To post to this group, send email to [email protected].
>> >>>>> To unsubscribe from this group, send email to
>> >>>>> [email protected].
>> >>>>> For more options, visit this group at
>> >>>>> http://groups.google.com/group/wave-protocol?hl=en.
>> >>>
>> >>>> --
>> >>>> You received this message because you are subscribed to the Google
>> >>>> Groups
>> >>>> "Wave Protocol" group.
>> >>>> To post to this group, send email to [email protected].
>> >>>> To unsubscribe from this group, send email to
>> >>>> [email protected].
>> >>>> For more options, visit this group at
>> >>>> http://groups.google.com/group/wave-protocol?hl=en.
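As an added illustration (not code from the Wave/Fedone project or from anyone in this thread), here is one way the LdapPrincipal-to-wave-address mapping and the proposed createIfNeeded flag from the top reply could look using only JDK classes. The class name, the in-memory account set, the JAAS entry name "Wave" and all hostnames and DNs are assumptions.

```java
import com.sun.security.auth.LdapPrincipal;
import java.util.Locale;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.Subject;

// Constructed JAAS entry for the JDK's LdapLoginModule (all values are placeholders):
// Wave {
//   com.sun.security.auth.module.LdapLoginModule REQUIRED
//     userProvider="ldaps://ldap.example.com/ou=people,dc=example,dc=com"
//     authIdentity="uid={USERNAME},ou=people,dc=example,dc=com"
//     useSSL=true;
// };
public class LdapToWaveAddress {
  // Hypothetical stand-in for the account store discussed in the thread.
  static final Set<String> ACCOUNTS = ConcurrentHashMap.newKeySet();

  // Maps the subject's LdapPrincipal DN to uid@waveDomain, or null if no usable uid.
  static String toWaveAddress(Subject subject, String waveDomain) {
    for (LdapPrincipal p : subject.getPrincipals(LdapPrincipal.class)) {
      try {
        for (Rdn rdn : new LdapName(p.getName()).getRdns()) {
          if (!rdn.getType().equalsIgnoreCase("uid")) continue;
          String uid = rdn.getValue().toString().toLowerCase(Locale.ROOT);
          // Directory data must not choose the domain or smuggle '@' or separators.
          if (uid.matches("[a-z0-9._-]{1,64}")) return uid + "@" + waveDomain;
        }
      } catch (InvalidNameException e) {
        // Malformed DN: treat as not logged in rather than guessing an address.
      }
    }
    return null;
  }
  // Sketch of the proposed createIfNeeded behaviour: only an address derived
  // from an authenticated subject may trigger account creation.
  static boolean setLoggedInUser(String address, boolean createIfNeeded) {
    if (address == null) return false;
    return ACCOUNTS.contains(address) || (createIfNeeded && ACCOUNTS.add(address));
  }

  public static void main(String[] args) throws Exception {
    Subject s = new Subject();
    s.getPrincipals().add(new LdapPrincipal("uid=Pedz,ou=people,dc=example,dc=com"));
    String addr = toWaveAddress(s, "happy.local"); // domain comes from server config
    System.out.println(addr + " logged in: " + setLoggedInUser(addr, true));
  }
}
```

The domain part is taken from server configuration and the local part is lowercased and whitelisted, so a directory entry cannot select another domain or inject separators into the wave address.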
