On Jul 25, 2015 9:20 AM, "Emmanuel Lécharny" <[email protected]> wrote: > > Hi guys, > > I'm currently reviewing Lucas' patches, which sounds good so far. But... > > I'm a bit annoyed by the existing code, and I think we have been sloppy > for years. This is an accumulation of use cases, piling into the code as > we found new things to check. The modify() operation is more than 300 > lines long, for instance, and it's hard to know what is being checked. > > Also I found that the fix I applied to allow another Attribute to be > used instead of userPassword is not good enough : see > https://issues.apache.org/jira/browse/DIRSERVER-2085 for a clear > description of what I have missed. > > Bottom line, this interceptor requires some love. This is one critical > part of the security system, we should review it. I'm currently > 'fragmenting' the modify operation so that we don't have anymore a > monolitic method, but many smaller ones, easier to grasp. > > Thanks ! >
+1
