Elias Torres wrote:
Dave,
I've committed all of my changes including a base auto-provision feature.
http://svn.apache.org/viewvc?view=rev&revision=438595
this didn't go through the normal proposal process which is fine in this
case, but i'd like to raise a couple minor concerns which i think are
worth addressing ...
1. I think it would be more fitting to move the contents of
AutoProvisioningHelper a little bit. I think the check for if
auto-provisioning is enabled should lie in the code segment that was
added to RollerSession and the retrieval of the AutoProvision instance
should come from RollerContext, i.e. ...
// try one time to auto-provision, only happens if user==null
// which means installation has SSO-enabled in security.xml
if(user == null &&
RollerConfig.getBooleanProperty("users.sso.autoProvision.enabled")) {
// provisioning enabled, get provisioner and execute
AutoProvision provisioner = RollerContext.getAutoProvision();
boolean userProvisioned = provisioner.execute();
if(userProvisioned) {
// try lookup again real quick
user = umgr.getUserByUserName(principal.getName());
}
}
2. The way getUserDetailsFromAuthentication() method works in
CustomUserRegistry seems limiting since to support a new type of
UserDetails would require modifying that class. I'm not sure exactly
how the appropriate implementation of UserDetails is chosen and
instantiated, presumably by Acegi somehow, but I think that we need to
force the use of a common interface like the RollerUserDetails interface
by all integrating providers. i.e. maybe when we cast the principal
that we get from Acegi we need to force the use of RollerUserPrincipals?
Object oPrincipal = authentication.getPrincipal();
if (!(oPrincipal instanceof RollerUserDetails)) {
log.warn("Unsupported Principal type in Authentication. Skipping
auto-registration.");
return null;
}
can we do both of those?
-- Allen
Matt,
I have one thing left to fix. In auto-provision mode, if a user has
authenticated via SSO (LDAP), the only role they have is "register", so
they can access the New Registration page. So, in RollerSession is
UserData is null, I call AutoProvisionHelper to try to register the
user. It works great, except that Acegi Security still believes the
Authentication only has roles "register" and not "editor,[admin]". I see
in SecurityContextHolder you can set Authentication, but I'm not sure
how to proceed. Any suggestions?
-Elias
Dave Johnson wrote:
I'm going to run though an install or two today with the new distro
layout, update the install guide and next try to get a release
candidate ready.
Allen: anything else you want to wrap up before RC?
Elias: what's the ETA on your SSO mods?
- Dave
On 8/30/06, Dave Johnson <[EMAIL PROTECTED]> wrote:
I like "apache-roller"
- Dave
On 8/29/06, Allen Gilliland <[EMAIL PROTECTED]> wrote:
k ... this has been checked into the roller_3.0 branch now.
i shuffled around a number of things, so let me know if anything
appears
to be broken.
one question that came up is what we actually want to name the final
release bundle. namely, should the release contain "apache-" in front
of it, which is how it works now, or is that not really necessary
and it
should just start as "roller-"? doesn't really matter to me, just
makes
the file paths a bit longer is all. this is what we have now ...
apache-roller-$version
apache-roller-src-$version
-- Allen
Allen Gilliland wrote:
I think everyone agreed on this so I'm going to move forward with
implementing it for the 3.0 release.
Does anyone care if I rename a few of the ant tasks along the way,
namely things like "build-beans" -> "build-business" and other cases
where I think the naming could be a bit more intuitive?
-- Allen
Anil Gangolli wrote:
That works. I think that means basically separating the source and
"binary" distributions.
----- Original Message ----- From: "Allen Gilliland"
<[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Wednesday, August 16, 2006 8:53 AM
Subject: Re: Proposal: New distribution layout
Good point. comments inline ...
Anil Gangolli wrote:
Allen, I already voted +1, but I just noticed sources being
combined
in, and I had a couple of comments/questions.
(1) You might want to consider calling the top of the source tree
something other than "src", maybe "sources" because I think we
expect it to look like the top of the roller source tree does
in SVN
which itself contains several directories and files (e.g. "web",
"tools", build.xml) as well as the actual "src" directory below
it.
yes, that definitely makes sense.
(2) I hope there will be a source distribution that does not
include
the binary(?)
what's the standard here? i don't usually download the source
distribution so i'm not sure what most people do, but it makes
sense
to me that downloading the source means you don't get a binary.
(3) Do we plan to include the (distributable) libraries that are
under the "tools" in such combined packages?
seems like the best thing to do may be to remove the "webapp"
directory and include a "sources" directory in the source
distribution. in that case the "sources" directory would contain
everything needed to build the war, including libs.
would that work?
-- Allen
--a.
----- Original Message ----- From: "Dave Johnson"
<[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Wednesday, August 16, 2006 5:09 AM
Subject: Re: Proposal: New distribution layout
+1
On 8/16/06, Elias Torres <[EMAIL PROTECTED]> wrote:
+1
Allen Gilliland wrote:
we talked about this a while back and I've just now got
around to
pulling this into an actual proposal ...
http://rollerweblogger.org/wiki/Wiki.jsp?page=Proposal_DistributionLayout
nothing fancy right now, basically just setting up the
distribution > so
that the download isn't just the webapp.
-- Allen
