Hi, I just updated the latest code and noticed that the createLdapPrincipal() method in the AbstractAuthenticator class has been commented out because it's not used anywhere in the ApacheDS code. This method is actually needed by custom authenticators. See rev. #167943 and http://wiki.apache.org/directory/ApacheDirectoryServer.
Upon a successful authentication, an authenticator needs to return an instance of LdapPrincipal. However, the LdapPrincipal class only has 2 constructors which aren't accessible outside the o.a.l.s.authn package. So, to circumvent this restriction, custom authenticators must call the createLdapPrincipal() provided by the AbstractAuthenticator. In my opinion, restricting the LdapPrincipal constructors like now is unnecessary. If the purpose is to protect from malicious code, it won't work because someone can just create a subclass of AbstractAuthenticator and provide arbitrary access to createLdapPrincipal(). A constructor should be protected only if we want to control the instance creation programmatically, but not to create a "sandbox". I think we should restore public access to the LdapPrincipal constructors and implement policy permissions or security manager. Any comments would be greatly appreciated. Thanks. -- Endi S. Dewata
