Le 11/7/12 12:16 PM, Fabio Martelli a écrit :
Il giorno 07/nov/2012, alle ore 11.44, Emmanuel Lécharny ha scritto:
Le 11/7/12 11:15 AM, Francesco Chicchiriccò a écrit :
On 07/11/2012 10:48, Fabio Martelli wrote:
Il giorno 07/nov/2012, alle ore 10.35, Colm O hEigeartaigh ha scritto:
Hi Fabio,
Thanks for the reply. Just to clarify: we have no way of importing
passwords into Syncope from users stored in an LDAP backend that
isn't Sun Directory Server Enterprise Edition? Could you expand on
the reasons for this if so?
Hi Colm,
actually the reason is not so clear to me as well: the current ldap
connector implementation is the original provided by Sun Microsystems.
We can take a look at the sources to investigate a possible refactoring.
If you would take care of this, please check it out
at https://code.google.com/p/connid/source/checkout.
...you mean https://connid.googlecode.com/svn/bundles/ldap/trunk
In my opinion we should first investigate what gets actually passed by
the connector to Syncope for password: need to debug/break or put some
additional logging statement somewhere in Syncope to actually obtain
something useful...
whith code like that :
String entryDN =
authnObject.getAttributeByName("entryDN").getValue().get(0).toString();
you can be sure that it will work with SunDS only : the entryDN attributeType
is specific to SUN servers...
Exactly what I expected.
If you think we have a common way to retrieve such information we can move the
discussion on connid dev ML in order to discuss the ldap connector refactoring.
The entry DN should *not* be taken from one of the entry attribute. This
is an operationnal Attribute, which is intended to be used to allow
searches based on the entry's DN (see RFC 5020). Expecting this value to
be present is just plain wrong.
The entry's DN shoudl be available directly as a part of the entry, but
not as an Attribute.
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
