On 10/25/07, Abdullah Zahur <[EMAIL PROTECTED]> wrote: > Thanks for the help. Yes that was the problem and I will use the users list > to post questions too. Basically what I am tring to do is modify ApacheDS, > in such a way that it uses some other directory... other than the datastore > of apacheDs to lookup users and their information. > Can you give me some pointers. > I was thinking that would it be easier, if I use referrals, to look up users > then I might not have to modfiy anything in apacheDs what are you thoughts
There is an interface called PrincipalStore that you could easily implement with an alternate backend. We re-implement it with a HashMap to do full-protocol tests without having to fire-up the ApacheDS backend. As for referrals, I haven't tried this and I'm not sure what the current state of ApacheDS is w.r.t. referral support. I doubt the current PrincipalStore implementation we use would know what to do if it finds a referral instead of the expected Kerberos principal. BTW, prior to ApacheDS 1.5.1 the LDIF loader was "Kerberos aware," which is why your old way of loading principals no longer worked. The drawback to that mechanism was you could only load principals via LDIF. Now LDIF loads, LDAP changes, and the Change Password protocol all use the interceptor. Enrique
