On 08/27/2012 02:44 AM, Eric Charles wrote: > Hi Jeremy, > Yes, a new LDAPRecipientRewriteTable will allow to add 'secondary > address' to existing ones. > > You will have to put your hands in JAVA. The code resides in > https://svn.apache.org/repos/asf/james/server/trunk/ > - data-api and data-library have the code common to all impl (deprecated > jdbc, jpa), see the rrt package > - your implementation will come in data-ldap with a brand new package > org.apache.james.rrt.ldap. This project has the implementation for the > users, so you can see how the ldap connections are made. You will have > to implement LDAPRecipientRewriteTable which extends > AbstractRecipientRewriteTable > > We use maven: > http://james.apache.org/server/3/dev-build.html >
I've done a git-svn clone into my repo and I'll start taking a crack at
the code. I've got Eclipse already setup as I was working on some
Android code earlier so I'm setup I think.
> Other areas of contributions are:
> - Small tutorial to setup up James with Apache DS (steps taken, LDAP
> Schema, LDIF extract of example users...) - A few users have previously
> asked for this.
As soon as I get my notes together from this weekend I will see about
putting something together. I did everything rather off the cuff to get
it functioning and still have a few caveats I don't care for.
> - Unit tests with embedded ApacheDS for users (and rrt)
>
I'll try to take a stab at this as well.
> Thx again, Eric
>
> On 27/08/2012 06:22, Jeremy T. Bouse wrote:
>> I've stumbled through getting JAMES up and running and talking with
>> ApacheDS so far. The gotcha I found in getting JAMES to acknowledge my
>> users in ApacheDS was to change my usersrepository from:
>>
>> <usersrepository name="LocalUsers"
>> class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository"
>> ldapHost="ldap://localhost:389";
>> principal="uid=ldapUser,ou=system" credentials="topsecret"
>> userBase="ou=users,dc=example,dc=com" userIdAttribute="uid"/>
>>
>> that I had found referenced to in several locations to be:
>>
>> <usersrepository name="LocalUsers"
>> class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository"
>> ldapHost="ldap://localhost:389";
>> principal="uid=ldapUser,ou=system" credentials="topsecret"
>> userObjectClass="inetOrgPerson"
>> userBase="ou=users,dc=example,dc=com" userIdAttribute="uid"/>
>>
>> I'm not using any custom LDAP schema for my users but instead relying
>> on the standard inetOrgPerson as I feel it provides all that is
>> necessary. A standard user would be described as:
>>
>> dn: uid=Administrator,ou=users,dc=example,dc=com
>> objectClass: organizationalPerson
>> objectClass: person
>> objectClass: inetOrgPerson
>> objectClass: top
>> cn: System Administrator
>> sn: Administrator
>> mail: [email protected]
>> uid: Administrator
>> userPassword:: topsecret_hash
>>
>> This works and if I run the james-cli for 'listusers' I do in fact
>> now
>> get all of the users listed under the userBase DN and I can log into the
>> services (POP3, IMAP & SMTP) authenticating as the users from
>> ApacheDS/LDAP.
>>
>> Where my path strays and I haven't been able to find any clear course
>> correction guidance is if I add an additional email address to a user by
>> adding a second 'mail' attribute entry for say '[email protected]' and
>> then try to send email to that address JAMES will respond back that the
>> address does not exist. It would appear that there is no way, unless I'm
>> missing something, for JAMES to realize that the login 'Administrator'
>> in fact then has 2 valid email addresses that should be accepted for.
>>
>> It would seem this would be a perfect fit for a
>> LDAPRecipientRewriteTable class and I'm not finding any mention of one
>> though I see there is a JDBCRecipientRewriteTable (deprecated of course)
>> and a JPARecipientRewriteTable so figure it wouldn't be too hard to
>> flesh out I'd imagine. I'm not a big JAVA developer, mostly DevOps and
>> Administration but I'm certain if I could get some assistance and
>> guidance I could flesh out and test this theory.
>>
>> To me the logic would seem to be treat the 'uid' Username @ domain as
>> the primary email address (as it does already) and then have a LDAP RRT
>> class map 'mail' attribute values to the primary address. Of course
>> making the attribute name configurable as someone using pilotPerson
>> schema class might want to use 'otherMailbox' or use 'email' or
>> 'emailAddress' from the extensibleObject schema class or some other
>> custom schema variation.
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
smime.p7s
Description: S/MIME Cryptographic Signature
