Marc - glad to hear your login module works now!
With respect to your note about the cookie being cleared at
logout - that is by design. We've actually gone back and
forth on this; originally we cleared the cookie, then we
left it as-is. And THEN we got a bug report suggesting that
leaving the cookie hanging around was confusing users. So we
cleared it again. There's no way we're going to please
everyone, so we're going to let the current behavior stand.
Sorry if you find it annoying; I hope that in time you'll
regard it as a charming quirk. 
One more thing. Your experiences developing the LDAP login
module suggests that there's probably some minor additional
refactoring we could do to better split the logging-in part
from the user profile storage. In retrospect it's a little
crazy that you needed to subclass XMLUserDatabase when all
you really needed was an authenticator. So, that's
something we will do in the future (not in the near term
though).
- Andrew
Wireless ball and chain provided by VersaMail
-----Original Message-----
From: Alexander Samad <alex samad.com.au>
Subj: Re: [Jspwiki-users] Re: LDAP authentication for
JSPWiki 2.4.x?
Date: Fri Jul 28, 2006 19:13
Size: 2K
To: jspwiki-usersecyrd.com
Marc
Will you be making your version available as well ?
Thanks
Alex
On Fri, Jul 28, 2006 at 03:32:29PM +0000, marpatelenet.be wrote:
> Andrew,
>
> thanks for your elaborated answer, I tried your
suggested settings for the jaas file (I would have sworn
that I already tried those ...) and it works fine now !
> Just one small annoyance still: when I log in, to do
something only an authenticated user can do, and then log
out again I am back an Anonymous user instead of an
Asserted, although I was an Asserted user when I logged in,
so I have to set again my WikiName in the Prefs.
>
> One other question I asked you some days ago whas that
the policy setting "grant signedBy jspwiki" does
not seem to be recognized, I have to use a "grant
codebase "file:...", I have still no idea what
the problem there is.
> I did not rebuild the jar file and the .jks file is
found, the settings are appended to weblogic.policy.
> Do you have a suggestion to find this out ?
>
> regards,
> Marc
>
> original message:
> Marc, Malte, Alex, Gordon:
>
> I've been a bit absent from this conversation,
unfortunately, because
> of some other competing priorities. But I wanted to
give you some
> feedback because I want to see your efforts succeed.
>
> First, Marc -- your LDAPLoginModule is a great idea.
I'd love to add
> it to the core distro when it's finished. You are, I
think, very
> close to getting it working. However, you need to
eliminate the
> "callback exception" error. This is being
caused because your LDAP
> module is asking the WebContainerCallbackHandler for a
resource it
> can't provide.
>
> Callback handlers in general, by the way, exist so that
they can
> generically provide the LoginModule with the things it
needs to
> authenticate someone. MOST login modules need a
'name' and a
> 'password', but others could require an X.509
certificate or a
> cookie. JSPWiki's own login modules
(WebContainerLoginModule and
> UserDatabaseLoginModule) want their respective
CallbackHandler to
> supply things like a UserDatabase, an
HttpServletRequest and the
> Authorizer).
>
> <skipped the rest>
>
>
> _______________________________________________
> Jspwiki-users mailing list
> Jspwiki-usersecyrd.com
> http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
>
--- message truncated ---
_______________________________________________
Jspwiki-users mailing list
Jspwiki-usersecyrd.com
http://ecyrd.com/cgi-bin/mailman/listinfo/jspwiki-users
|