On Aug 3, 2005, at 12:57 PM, J. Wolfgang Kaltz wrote:
Jonathan Linczak schrieb:
(...)
I went ahead and did this and found something that caught my eye. As
I clicked the "Login as Editor" link to the publication, some
notices started appearing about a user I know of that was recently
removed from Active Directory. As a test, I went in and removed
username.iml (again, being generic here) from
pubname/config/ac/passwd/ and then I got another error when trying
to get the login box for the publication, stating that it didn't
understand the user ID of [username]. I immediately thought, I
wonder if it is checking all the users and their permissions to the
site, and sure enough, after removing the entries within the files
underneath of pubname/config/ac/policies/ I was able to log in. So
it seems to me that somehow all of the users and their permissions
are being checked even before the user has the opportunity to log
in. Was this the intention?
I can't reproduce this behavior myself; if I delete a user from LDAP,
and try to log-on with this user in Lenya I simply get the standard
"can't login" error, and have no trouble logging in afterwards with a
still existing user.
So I am frankly not sure what is going on in your case; whether it's a
different behavior due to MSAD or whether the policy handling in your
publication is different from the default publication.
Well, I am doing something slightly different. I have assigned myself
and a couple of overall administrators to the Authoring section and
moved the groups review and edit to visitors only, and I believe this
is where the removed user was situated. So perhaps this could be the
reason why it is doing that?
Anyway I looked at the code in detail; and came to the conclusion that
initialize() should not throw an exception in any case. Maybe this
will solve your problem. I also added some more debugging messages.
It would be great if you could try the new version of LDAPUser.java in
your installation (just checked it in in BRANCH_1_2_X), and see if it
corrects the problem you described. And if it doesn't, please post the
full log trace.
Please advise whether you are able to test it, and if it works (so I
can check it into 1.4 as well)
I do have a development environment setup, but with so much work on the
books before the start of the school year, I won't be able to do any
testing for another couple of weeks. Hopefully then I can get you the
feedback you need on the changes you have made.
Jon
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
