Hi,
ok, I will wait for your mail.
Olivier Grisel wrote:
Vincent Dutat a écrit :
I have a question : does LDAP groups are taken in account ? I thought
only group memberships defined in nxsqldirectory.user2group were.
They are not taken into account but I am refactoring the directories /
usermanager to make it possible to define references between directories (work
done in the following branch :
https://svn.nuxeo.org/nuxeo/org.nuxeo.ecm.directory/branches/ogrisel-directory-references/
).
The goal is to have only 2 directories by default (except those of type
vocabulary / xvocabulary):
- userDirectory
- groupDirectory
And then define a three references:
user:groups [userDirectory] <=> group:members [groupDirectory]
group:subGroups [groupDirectory] <=> group:parentGroups [groupDirectory]
All those fields are of type nxs:stringList in base.xsd (which means
List<String> in java and store the ids of the entries of the target directory
matching the reference).
The reference implementation will come in 3 types:
- TableReference (use a SQL table to store a many-to-many relation)
- LdapReference (manage dn valued attribute of groupOfUniqueNames LDAP entries)
- InverseReference (compute opposite references of one of the previous
implemetations).
Those the reference will be defined in the directory contributing extension
points and thus will be configurable to match the following cases (at least):
- users in SQL, groups in SQL, references in SQL
- users in LDAP, groups in SQL, references in SQL
- users in LDAP, groups in LDAP, references in LDAP
Hence the UserManager will no longer be responsible for managing those links but
the directories will do it directly.
I'll send a detailed mail on the new configuration after having it merged into
the trunk.
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
