[openmeetings-dev] Re: Issue 1208 in openmeetings: add sync-ldap-password-to-om to make LDAP Passwords configurable + add Patch for OpenLDAP

Thu, 15 Apr 2010 14:56:30 -0700
Comment #3 on issue 1208 by t.lemeur: add sync-ldap-password-to-om to make LDAP Passwords configurable + add Patch for OpenLDAP 
http://code.google.com/p/openmeetings/issues/detail?id=1208

Here is a new version of the patch.
* In this version, each imported user from LDAP will get the ExternalUserType set to 
"LDAP3
- note that I can't set the UserDN in ExternalUser_Id because it is a string and 
the DB field is an Integer !
* When authenticating a user, OM checks if the user already exists in its internal DB, and if yes, read the ExternalUserType. If this value is NULL or not LDAP, authentication is done on the internal DB. If authentication Type is LDAP, and user is admin and Ldap Passwords are Synchronized to OM DB, then authentication is done 
locally (same as before).
- However if ExternalUserType is LDAP and user is not admin, then authentication is done on the LDAP server (even if the LDAP server is down): Note that I think this is the same behaviour as before because haven't seen where the code was supposed to 
fallback to Internal DB auth when LDAP server is down.
Applying this patch means that the Users table in OM DB must be updated so that Users that were previously added with LDAP import have their ExternalUserType field updated 
to "LDAP"
Another notice about coding: I've setup the EXTERNAL_USER_TYPE_LDAP constant in both MainService and LdapLoginManagement which is bad because this definition should be shared among all Classes. Can you move this definition where it is supposed to be (I 
admit I have no clue) and remove duplicate definition ?

Comments are welcome.

Thibault

Attachments:
        openLdap-NewLdapParams.diff  21.4 KB

--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings

--
You received this message because you are subscribed to the Google Groups 
"OpenMeetings developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/openmeetings-dev?hl=en.

Reply via email to