Scott is correct. AFAIK, it never worked (the contributor never finished it).
"Weaver, Scott" <[EMAIL PROTECTED]> writes: > Someone correct me if I'm wrong, but to my knowledge LDAP security within > Turbine is still broken (AFAIK, it was never fully implemented). > > Scott > > >> -----Original Message----- >> From: David Rideau [mailto:[EMAIL PROTECTED]] >> Sent: Wednesday, April 17, 2002 11:23 AM >> To: [EMAIL PROTECTED]; [EMAIL PROTECTED] >> Subject: LDAP authentication - LDAPUserManager.java >> >> >> Hi everybody, >> >> I'm french, so excuse me for my poor english :-) >> >> I'm trying to run jetspeed and authenticate users with an LDAP server >> and I encountered some little problems. >> I'm running under linux redhat 7.2 >> I have downloaded latest versions of : >> - jetspeed sources (2002-04-15) >> - turbine sources (2002-04-15). (Note : I have added the >> stratum-1.0-b1.jar file which is not included but necessary >> to compile >> turbine, and referenced it in the build.properties.sample >> file from turbine) >> >> Here is an extract of my TurbineRessources.properties >> paramaters for ldap : >> # ------------------------------------------------------------------- >> # S E C U R I T Y S E R V I C E >> # ------------------------------------------------------------------- >> >> services.SecurityService.user.manager=org.apache.turbine.servi >> ces.security.ldap.LDAPUserManager >> services.SecurityService.secure.passwords=false >> services.SecurityService.secure.passwords.algorithm=SHA >> >> #services.SecurityService.ldap.security.athentication=simple >> >> ldap.security.athentication=simple >> >> # ------------------------------------------------------------------- >> >> When I define all parameters with the "services.Security" prefix, >> parameters are not found and it results in a HORRIBLE Exception ... >> >> I looked in the >> org.apache.turbine.services.security.ldap.LDAPUserManager.java source >> code to understand what happens. >> I have made some changes in the bind() function and in the >> retrieve(user) function and it seems to work...(If I can send changes >> and remarks about the code to somebody, please tell me). >> I can find a user in my LDAP server but I can't authenticate him. >> I don't understand why the authenticate(user, password) >> function try to >> bind to the LDAP server with user's informations. >> Why the user's password isn't verified once user record has >> been found ? >> How should you know what is the password fieldname in the >> LDAP record ? >> >> Perhaps my questions are not intended to these mailing-list, >> so please >> redirect me to the right people. >> >> Thanks for help >> >> David Rideau >> >> >> >> -- >> To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
