Hi all,
if you plan to extend ApacheDS, there are several options. Some are
standard LDAP ways (Controls, Extended Operations, ...), some are
ApacheDS specific (Partitions, ...).
One of the latter is the Interceptor concept, which gives you a glimpse
of AOP during request processing. With a custom interceptor, things may
happen before, after and even instead of the default server behavior.
This makes interceptors a very powerful mechanism, which on the other
hand may lead to severe problems, if done wrong (be warned).
For demonstration purposes, I have created a simple example interceptor,
which applies a hash function (e.g. MD5) to plain text user passwords
during entry insertion (LDAP add) and manipulation (LDAP modify).
Thus, an entry inserted like this
dn: cn=Kate Bush,ou=users,ou=system
objectClass: top
objectClass: person
cn: Kate Bush
sn: Bush
userPassword: secret
will be stored in the partition like this
dn: cn=Kate Bush,ou=users,ou=system
objectClass: top
objectClass: person
cn: Kate Bush
sn: Bush
userPassword: {MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ==
The tutorial includes implementation, configuration and verification of
the interceptor and will hopefully act as a starting point for those
experienced (!) users who plan to use interceptors to customize their
server.
Learn more about it here:
http://directory.apache.org/apacheds/1.5/62-implementing-a-simple-custom-interceptor.html
Thanks to Emmanuel for the feedback. Other comments/corrections are
highly appreciated!
Greetings from Hamburg,
Stefan
