Hi Emmanuel, the Kerberos stuff is quite broken atm mainly due to a lack of reliable unit tests (for example [1]) and the whole bigbang-mina2-merging thing. So far it's not such a big thing to fix it. I started with it last week and at the moment it's at least possible again to start the server and obtain TGTs (will write another mail about this after doing a bit more tests), but I fear if there is another big reorganisation of the whole codebase it would be much harder to fix.
My suggestion: Fix the stuff, so that the server has at least the kerberos functionality it had back in 1.5.1, and, more important, add unit-tests that reliable test the whole functionality. If we then have at least 2+x (x>=0) committers for it, I will support this proposal. I'm willing to work on the Kerberos server further, but don't have that much time atm. Kiran, it would be great if you could also have a look at it. regards, Christine [1] http://issues.apache.org/jira/browse/DIRSERVER-1341 2009/4/3 Emmanuel Lecharny <[email protected]>: > Hi guys, > > it's now one week ApacheConference EU is over and we had time to recover > (barely) from this very interesting event. As Alex is still in Paris, we > also had time to share some ideas about the internal project organization > (I'm specifically refering the source base, not about the people and roles > here). Let me now share those ideas with the dev list. > > We currently have a few 'top level' projects : > * Apache DS 1.0 > * Apache DS 1.5 > * Studio > * Triplesec > > Those are the projects a user can see on the web site. It's maybe time to > change that a bit. We could have something like : > * LDAP Client-API > * ApacheDS > o ADS 1.0 (will die some day ...) > o ADS 1.5 (won't survive 2.0) > o ADS 2.0 (soon !) > * Studio > * Kerberos > * Triplesec > > - The LDAP client-API will be a new project, marked as 'WiP' (Work in > Progress). > - Kerberos may deserves its own project at some point, if we have aenough > committers working on it. Obviously will be marked as WiP. The big advantage > wpuld be to potentially bring more visibility to this project > - Triplesec should also be marked as WiP, or even better, 'prototype'. > > Now, let's think about the inner modules. The new client-API will contain a > lot of shared code. Here are the elements I see can be part of the > client-API : > o Entry > o Connection > o LDIF > o DSML > o DN > o RDN > o AttributeTypeAndValue > o ObjectClass > o AttributeType > o Syntax > o MatchingRule > o Message (all the LDAP requests) > > Then we can change the dependencies : the client-API will depend from > shared, and all other modules will depend on both client-API and shared. > That does not change drastically the ApacheDS project though. > > May be we can rename Client-API to Apache LDAP API too, as the server will > depend on the client-API. > > wdyt ? > > > > -- > -- > cordialement, regards, > Emmanuel Lécharny > www.iktek.com > directory.apache.org > > >
