[ http://issues.apache.org/jira/browse/JS2-188?page=comments#action_57641 ] mike long commented on JS2-188: -------------------------------
Dear Edgar and Others interested in Jetspeed-2 and LDAP; I have spent the last couple of days thinking about the needs of our team here at Dataline. I have reviewed David Le Strat's LDAP authentication classes as well. I can think of a few requirements issues that I would like to discuss with this community. 1) Do any of you need LDAP authorization as well? In addition to LDAP authentication, we need LDAP authorization. I see from looking at the Jetspeed-2 code that at least two interfaces exist which need LDAP implementations: GroupSecurityHandler and RoleSecurityHandler. 2) Should this "first cut" of LDAP authentication include digest-based authentication, where the hashed password of a user is compared to the hash generated by the user when attempting to login? Doing so would save looking up the user, getting their DN, and then authenticating them. We really need that kind of performance here. Please forgive me if I am not using JIRA correctly. This is my first use of it. I will be gone until Tuesday and look forward to your comments. Sincerely, Mike Long > Implement the LDAP > ------------------ > > Key: JS2-188 > URL: http://issues.apache.org/jira/browse/JS2-188 > Project: Jetspeed 2 > Type: Improvement > Components: Security > Reporter: J, Edgar Zavala > > Implement the LDAP integration using the SPI, provide the LDAP authenitcation > option. > TODO: > 1.- Complete the current implementation and complete the David work in: > a) org.apache.jetspeed.security.spi.impl.LdapCredentialHandler > b) org.apache.jetspeed.security.spi.impl.LdapUserSecurityHandler -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - If you want more information on JIRA, or have a bug to report see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
