On Mon, Feb 14, 2011 at 9:05 AM, Pierre-Arnaud Marcelot <[email protected]> wrote: > Hi Dev, > These last days, I've been reviewing Authentication in Studio using the LDAP > API. > I'm happy to say that all the Authentication methods that were supported in > Studio with JNDI are also working (not yet with the same options, though) > with the LDAP API integrated in Studio. > This includes: > - All encryption methods > - No encryption > - SSL encryption (LDAPS) > - StartTLS via exended operation > - All authentication methods > - No authentication (anonymous) > - Simple authentication > - DIGEST-MD5 (SASL) > - CRAM-MD5 (SASL) > - GSSAPI (Kerberos) > That said, there are still some options which are not (yet) available in the > LDAP API for some authentication methods (specifically SASL and GSSAPI) > like: > - For SASL > - Quality of Protection > - Protection Strength > - Mutual Authentication > - For Kerberos > - Use native TGT for Kerberos Credential Configuration > - Use native system configuration > - Use a specific configuration file > All these new settings will increase the, already long, list > of parameters for the SASL and GSSAPI methods. > To resolve that, I'd like to add new classes that will hold all these > informations and can be passed to the SASL and GSSAPI methods. > We could keep one or two general methods for each type of authentication > with the most commonly used parameters and a more generic approach with the > use of these new "configuration holder" classes. > Thoughts?
+1 to use a parameter object > One more question. > Should we push this into Shared-1.0.0-M1 or wait for the next iteration? Too late, vote already started. But maybe we need to rollback ;-) Kind Regards, Stefan
