Jann Forrer schrieb:
Hi Andreas
[ ... ]
@@ -193,16 +200,17 @@
}
identity.removeIdentifiable(oldUser);
}
- identity.addIdentifiable(new TransientUserReference(user));
+ identity.addIdentifiable(new ShibbolethUserReference(user));
if (getLogger().isDebugEnabled()) {
getLogger().debug("Adding user [" + user + "] to identity.");
}
}
Do you think it make sense to pass the type of UserReference
(TransientUserReference, ShibbolsethUserRefernce, ....) as a parameter
to the updateIdentity method?
The reason is ask is: I extended the ShibbolethAuthenticator class
adding a authenticateLdapUser method in order to authenticate ldap user
which are not defnied in the cms. Within this method I also use the
updateidenty method of the super class.
If you need this functionality, IMO it would make sense to introduce a
cascade of authenticators. The Java class hierarchy is not flexible
enough to handle such cases.
DefaultAccessController:
public boolean authenticate(Request request, ErrorHandler handler)
throws AccessControlException {
assert request != null;
boolean authenticated = false;
Authenticators[] authenticators = getAuthenticators();
int i = 0;
while (!authenticated) {
authenticated = authenticators[i].authenticate(
getAccreditableManager(), request, handler);
i++;
}
return authenticated;
}
Would this meet your requirements?
However In the ldap case i don't need to add a ShibbolethUserReference
but a TransientUserReference to the identity.
In this case I'd rather introduce the method
ShibbolethAuthenticator.createReference(User user);
-- Andreas
--
Andreas Hartmann, CTO
BeCompany GmbH
http://www.becompany.ch
Tel.: +41 (0) 43 818 57 01
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
