on 1/16/01 2:58 AM, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:
> Jon Stevens wrote:
>>
>> Ok, why are we passing in a User object AND a password? Shouldn't the
>> password simply be retrieved from the User object with User.getPassword()?
>>
>
> Because User.getPassword() will return null in 99% of the LDAP setups.
> Nearly all corporate LDAP servers prevent users from reading passswords,
> it's a write-only attribute.
Right, but in the case of creation of a User, you are first populating a
User object with information such as username, first name, last name,
etc...then you are passing that into TurbineSecurity.addUser(). Given that
you are the one who has populated this object, it makes sense to place the
password in the same location as the rest of the User data and does not make
any sense to pass it in as a separate field.
I would like to change the definition of that method or create another
method that simply takes a User object with the expectation that the
password will be retrieved from the getPassword() method on the User object.
-jon
--
Honk if you love peace and quiet.
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
