oops, my mail has been a little bit truncated ;)
Basically, I agree we should replace those chains by simple method
calls. It has been done for Simple bind, but it has to be done for all
the other chains. Here are the list of used chains, with the classes
being called. (those starting with a '*' are called only in debug
mode) :
BindHandlerChain:
configureChain
chainGuard
handleSasl
handleSimple
getLdapContex
returnSuccess
ChangePasswordChain :
configureChangePasswordChain
getAuthHeader
verifyServiceTicket
getServerEntry
verifyServiceTicketAuthHeader
extractPassword
*monitorContext
processPasswordChange
buildReply
*monitorReply
DomainNameServiceChain :
*monitorRequest
getResourceRecords
*monitorContext
buildReply
*monitorReply
AuthenticationServiceChain :
*monitorRequest
configureAuthenticationChain
selectEncryptionType
getClientEntry
verifyPolicy
preAuthenticationChain
getServerEntry
generateTicket
buildReply
*monitorContext
*monitorReply
sealReply
PreAuthenticationChain :
verifySam
verifyEncryptedTimestamp
TicketGrantingServiceChain :
*monitorRequest
configureTicketGrantingChain
selectEncryptionType
getAuthHeader
verifyTgt
getTicketPrincipalEntry
verifyTgtAuthHeader
verifyBodyChecksum
getRequestPrincipalEntry
generateTicket
buildReply
*monitorContext
*monitorReply
sealReply
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
