I had not thought of that, Rafal. I will look into it. For now I have a
custom login action that checks some HTTP headers and then decides on how to
validate a TurbineUser from there. That works fine with Turbine users stored
in, say, Oracle, but when I want to add the LDAP users the factory seemed
ignorant of them unless I dropped the TurbineUser in favor of the LDAPUser
class. I'll see what I can do with this though.
FYI, SiteMinder is a commercial tool that I am finding in use at various
places. Its more-or-less a glorified proxy system that hides URLs and forces
the user to authenticate through SiteMinder. Once this is done there are a
couple ways to determine whether the user is authenticated based on an
incoming request, including a callable API, cookies, and HTTP header
variables. It's not open source, just something that I personally need to
deal with at the moment.
Thanks
David Ramsey
==============================================================
"Always listen to experts. They'll tell you what can't be
done, and why. Then do it."
-- Lazarus Long, in Robert Heinlein's Time Enough for Love
==============================================================
----- Original Message -----
From: "Rafal Krzewski" <[EMAIL PROTECTED]>
To: "Turbine" <[EMAIL PROTECTED]>
Sent: Monday, September 11, 2000 4:48 PM
Subject: Re: user.class
> David Ramsey wrote:
>
> > Turbine seems to implement but one type of user interface as specified
in
> > the user.class setting in the TurbineResources.properties file.
> >
> > I am looking at a situation in which there are two groups of users, one
> > authenticated via SiteMinder, and the other authenticated via LDAP. The
> > customer would like the Site Minder authenticated users to be plugged
> > straight into their homepage without having to visibly login to
Jetspeed. I
> > think this is doable with a hidden post to Jetspeed's login action and
> > specifying a SiteMinderUser class as the class to implement the user
> > interface.
> >
> > However, this leaves me with the alternate set of users for whom I was
> > working on an LDAPUser class.
> >
> > Is there any way to specify to Turbine the class to load, other than the
> > default class specified in the properties file? In other words, I am
looking
> > for a way to choose between 2 User interface implementations. My first
look
> > at UserFactory seems to imply that it is always the class specified in
the
> > properties file.
>
> This is perfectly doable. I think that you should use Turbine LoginUser
action
> for authenticating LDAP based users, and write a custom SessionValidator
that
> will try authenticating the user with SiteMinder (I haven't slightest idea
> what could it be... some Jetspeed stuff?) and if authenticated, sticking
> SiteMinderUser object into the session (just as LoginUser does).
>
> Maybe I got something wrong, because I don't know JetSpeed, but for me it
sounds
> fairly easy.
>
> Rafal
>
>
> ------------------------------------------------------------
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
> Problems?: [EMAIL PROTECTED]
>
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
