Hi, I was working on a LDAPUserDatabase, and ran into some issues or questions.
A company LDAP directory usually is read-only. So, what to do with changes by the user? One would need something like a second JDBC UserDatabase to store user changes (I don't like the XML files), but still get authentification and user names from LDAP. com.ecyrd.jspwiki.auth.user.UserDatabase#isSharedWithContainer() This method would only make sense if JSPWiki would support several UserDatabases at the same time. If not, JSPWiki knows if container managed security is on. For container managed security this method should be unnecessary. Same for UserProfile.setLoginName(), for container managed security JSPWiki should know better. At least, WikiEngine should provide a method to get the logged in user. I am accessing a Lotus Domino LDAP server (http://wiki.apache.org/tomcat/JNDI_HowTo), the user is looked up by cn, but cn is multivalued and the UserDatabase cannot know, which one the user entered. So it were better to have HttpServletRequest.getUserPrincipal() accessible. Or is LoginName not important, it seems only Fullname is displayed, and used in the page repository? Thanks, Jürgen
