[
https://issues.apache.org/jira/browse/FTPSERVER-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12931692#action_12931692
]
Emmanuel Lecharny commented on FTPSERVER-391:
---------------------------------------------
You are right about the first, I overlooked the code. You need to do a lookup
to get back the DN and then do a bind. (See the second point for more efficient
authentication.)
Regarding the second point, I would not cache the password: it's a potential
security breach. Doing a bind on an LDAP server is really fast, compared to the
time it will take to load a file, for instance. But you can cache a <userName,
userDN> to avoid the first lookup.
> LDAP support
> ------------
>
> Key: FTPSERVER-391
> URL: https://issues.apache.org/jira/browse/FTPSERVER-391
> Project: FtpServer
> Issue Type: New Feature
> Components: Core
> Reporter: Andrey Domas
> Fix For: 1.1.0
>
> Attachments: mina-1.1.0-ldap.patch
>
>
> Patch with cached LDAP support.
> Features:
> * Authentication and authorization from LDAP (JNDI client implementation).
> * Cache for the search results in a directory for authentication (password
> is cached in the successful bind).
> Cache options:
> - ttl - time to live of the object in the cache (seconds)
> - size - max. cache size (number of the objects)
> - check-interval - interval of the periodic cleaning job (search and
> remove expired objects, seconds)
> * User preferences received from LDAP attributes:
> username
> home directory
> enabled - if present then the user has the login permission
> write permission - if present then the user has the write permission
> under home directory
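
The lookup-then-bind flow with a <userName, userDN> cache, as discussed in the comment above, written as an added JNDI example; it is not code from the attached patch or from FtpServer. The class name, the `uid` search attribute, and the service-account and URL parameters are assumptions.

```java
import java.util.Hashtable;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.naming.*;
import javax.naming.directory.*;

// Added example: search-then-bind with a <userName, userDN> cache. No password is ever stored.
public class LdapBindAuthenticator {
    private final String url, baseDn, svcDn, svcPassword;   // assumed deployment values
    private final Map<String, String> dnCache = new ConcurrentHashMap<>();

    public LdapBindAuthenticator(String url, String baseDn, String svcDn, String svcPassword) {
        this.url = url; this.baseDn = baseDn; this.svcDn = svcDn; this.svcPassword = svcPassword;
    }

    // Opens a connection and performs a simple bind as the given DN.
    private DirContext bind(String dn, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);               // use ldaps:// so the bind is not sent in clear
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialDirContext(env);
    }

    // First lookup: resolve the login name to a DN using the service account.
    private String lookupDn(String userName) throws NamingException {
        DirContext ctx = bind(svcDn, svcPassword);
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // userName is passed as a filter argument, not concatenated into the filter ("uid" is assumed)
            NamingEnumeration<SearchResult> r = ctx.search(baseDn, "(uid={0})", new Object[] {userName}, sc);
            return r.hasMore() ? r.next().getNameInNamespace() : null;
        } finally { ctx.close(); }
    }

    public boolean authenticate(String userName, String password) {
        // Reject empty passwords: a simple bind with no password is an unauthenticated bind.
        if (userName == null || password == null || password.isEmpty()) return false;
        try {
            String dn = dnCache.get(userName);
            if (dn == null && (dn = lookupDn(userName)) == null) return false;
            dnCache.put(userName, dn);                    // only the name-to-DN mapping is cached
            bind(dn, password).close();                   // the password check is the bind itself
            return true;
        } catch (NamingException e) {
            dnCache.remove(userName);                     // cached DN may be stale; look it up again next time
            return false;
        }
    }
}
```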