On Wed, May 15, 2013 at 1:43 PM, Emmanuel Lécharny <[email protected]> wrote:

> Hi guys,
>
> a quick heads up,
>
> I fixed the delegatedAuthentication for basic use cases. We now can have
> a remote LDAP server to authenticate a user which is not present
> locally, assuming the DelegatedAuthenticator is added in the
> authenticator lists.
>
> It's very basic, still.
>
> What remains to be done, and I'm working on it, is to add SSL and
> startTLS so that we can safely authenticate to a remote server. I will
> have to add some more parameters (like the TrustManager to use), and
> most certainly differentiate SSL from StartTLS.
>
> One more thing to do: determine when to use the
> DelegatedAuthentication depending on the baseDN (i.e., when the user is
> present locally, we may still want to delegate the authn to a remote
> server, and for that, we just expect the authenticator to be called
> based on the user DN). This is slightly more complicated, but it's
> definitively doable.
>

just curious why would this be complicated, if the searchBaseDn is already
configured and the said user entry is below this then the authentication
will be delegated no?

> It was a slow week last week, and I was expecting to get it working way
> faster, but I had many other things to handle.
>

I don't know much about it, but we call it 'life', I guess ;), np at all,
thanks for the heads up and the consistent effort

> Thanks !
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>

--
Kiran Ayyagari
http://keydap.com
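
The base-DN routing decision discussed in this thread, as an added example that is not part of either message and is not ApacheDS code: it uses the JDK's `javax.naming.ldap.LdapName` to test whether a bind DN sits at or below a configured base DN, next to a plain string comparison that gets two cases wrong. The class and method names and the sample DNs are constructed for illustration.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class DelegationRouting {

    /** Hypothetical helper: true when userDn is at or below baseDn, compared RDN by RDN. */
    static boolean shouldDelegate(String userDn, String baseDn) {
        try {
            LdapName user = new LdapName(userDn);
            LdapName base = new LdapName(baseDn);
            // LdapName indexes RDNs from the right, so the trailing RDNs of the
            // DN string are the leading components that startsWith() compares.
            // An empty base would match every DN, so it is rejected.
            return !base.isEmpty() && user.startsWith(base);
        } catch (InvalidNameException e) {
            // Unparsable DN: never route it to the remote server.
            return false;
        }
    }

    /** String comparison, shown only for contrast with the parsed check. */
    static boolean naiveShouldDelegate(String userDn, String baseDn) {
        return userDn.endsWith(baseDn);
    }

    public static void main(String[] args) {
        String base = "ou=remote,dc=example,dc=com"; // constructed base DN
        String[] binds = {                           // constructed bind DNs
            "uid=kiran,ou=remote,dc=example,dc=com",    // below the base
            "UID=kiran, OU=Remote, DC=Example, DC=Com", // same entry, other case and spacing
            "uid=eve,xou=remote,dc=example,dc=com",     // string suffix matches, RDN type does not
            "uid=alice,ou=local,dc=example,dc=com"      // different branch
        };
        for (String dn : binds) {
            System.out.printf("%-45s parsed=%-5b naive=%b%n",
                    dn, shouldDelegate(dn, base), naiveShouldDelegate(dn, base));
        }
    }
}
```

The second and third DNs are where the two checks disagree: the string comparison misses a differently cased spelling of an entry under the base, and accepts a DN whose `xou` RDN only shares a textual suffix with it.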
