I'm not sure I see the problem. The DefaultAccessController is specified in
TurbineResources.properties with the key:
access.control=org.apache.turbine.om.security.DefaultAccessControl
Just build your own access controller using JNDI and implementing the
AccessControlBuilder interface and everything looks like it will work fine
as far as I can see.
I agree that the admin screens are weak in this regard though. Are these
candidates for further abstraction so that the admin screens can then be
used by default with any external datasource? I would think the admin
screens should work in terms of an abstract datasource, user objects and
role objects. In fact, I may try implementing something like this as I work
through my LDAP implementation.
David Ramsey
==============================================================
"Always listen to experts. They'll tell you what can't be
done, and why. Then do it."
-- Lazarus Long, in Robert Heinlein's Time Enough for Love
==============================================================
----- Original Message -----
From: "Grzegorz Czuba" <[EMAIL PROTECTED]>
To: "'Turbine'" <[EMAIL PROTECTED]>
Sent: Tuesday, September 12, 2000 2:43 PM
Subject: LDAP, Roles and Permission classes and new keys in TR propertie s
file
> Hello
>
> Working on adding LDAP support to Turbine I found a wall.
>
> After creating my own TurbineJndiUser implementation of User class, I
> started to find a way to keep other user information in LDAP server.
> Generally, I think about Roles, Permissions and Jobs.
>
> And suddenly I found a problem.
>
> # This is the class that implements the User interface
> # Default: org.apache.turbine.om.user.TurbineUser
> user.class=org.apache.turbine.om.user.TurbineJndiUser
>
> Accordind to documentation, there is a key in TR properties file which can
> be used to use new version of User class.
> OK, it works, BUT there is nothing which can I use to replace based on SQL
> database access
> actual implementation of Permission and Role classes.
>
> Looking in Turbine code, I found, that in order to do it, I must to create
> at LEAST 20 new java files to change.
>
> I think, that it is to much :)
>
> Is there a way to get Turbine to use other implementation of Roles and
> Permission instead
> of based on Peer?
>
> Am I missing something in the documentation or simple solution ?
>
> Maybe we should add new keys in TR properties file ?
>
> Best regards
> Grzegorz Czuba
>
> PS: Sorry for my English
>
> ///////////// LIST of files with HARD coded references to PEER
> ///////////////
>
> turbine\om\security\DefaultAccessControl.java
> turbine\om\security\Permission.java
> turbine\om\security\Role.java
>
> *** turbine\om\user\peer\VisitorRolePeer.java ( those 4 files can be
safely
> skiped )
> *** turbine\om\security\peer\PermissionPeer.java
> *** turbine\om\security\peer\RolePeer.java
> *** turbine\om\security\peer\RolePermissionPeer.java
>
> turbine\admin\actions\admin\user\AddUser.java
> turbine\admin\actions\admin\user\UpdateUser.java
> turbine\admin\actions\admin\security\UpdatePermission.java
> turbine\admin\actions\admin\security\UpdateRole.java
> turbine\admin\actions\admin\security\UpdateRolePermission.java
>
> turbine\admin\screens\admin\security\EditRolePermission.java
> turbine\admin\screens\admin\security\PermissionEditor.java
> turbine\admin\screens\admin\security\RoleEditor.java
> turbine\admin\screens\admin\security\SelectRolePermission.java
> turbine\admin\screens\admin\user\SelectUser.java
> turbine\admin\screens\admin\user\UserScreen.java
> turbine\admin\screens\admin\user\EditUser.java
> turbine\admin\screens\admin\user\AddUser.java
>
>
>
>
> ------------------------------------------------------------
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
> Problems?: [EMAIL PROTECTED]
>
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
