New development build available 2.1.0-dev5

Hi,

A new development build is available.  Some LDAP support work has gone in which requires some testing and feedback, please help:

An attempt has been made to make config as simple as possible for the end user.  Given below are the additional (optional) entries allowed in jtrac.properties  JTrac will use LDAP authentication if an "ldap.url" config entry is present. (authentication still falls back to the database if LDAP fails)

ldap.url=ldap://myldaphost
ldap.searchBase=DC=foo ,DC=bar,DC=org

if you are using Active Directory, you can add this line - this switches on an LDAP optimization for Active Directory.

ldap.activeDirectoryDomain=MYDOMAIN

Unfortunately I have tested only on Active Directory, so would appreciate some help in testing  for non-AD LDAP.  Any suggestions on whether and how we can get the space allocation info from LDAP are welcome.  If there are too many possible ways or this is confusing, maybe the best thing to do is to design an interface and expect users to implement this as per their specific LDAP requirement, add the compiled code to the classpath and specify the implementation in jtrac.properties

I plan to have a simple screen to browse and pick users out of LDAP ready soon.

As always, details on how to get the latest build are available here: http://jtrac.info/doc/html/interim-builds.html

Thanks,

Peter.

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
j-trac-users mailing list
j-trac-users@...
https://lists.sourceforge.net/lists/listinfo/j-trac-users

Hi Peter,

Thanks very much for the new build - I havn't had time to test out the
changes when you first made them in svn so this is the first chance I've
had to try the new code.
And unfortunately it doens't quite work for me with openLDAP.
The problems are:
The default applicationContext-acegi.xml has:
<property name="activeDirectoryDomain"
value="${ldap.activeDirectoryDomain} />

Which means activeDirectoryDomain is still defined by default (but with
empty value?) which causes the code in JtracLdapAuthenticationProvider
to still try using the AD specific bind which causes an error:
"LDAP: error code 12 - critical extension is not recognized"

BUT this was easily fixed by commenting out that line in
applicationContext-acegi.xml

However the problem I can't fix easily is that in the bind() method of
JtracLdapAuthenticationProvider, the username by itself is used (line
162) which is not correct.
What should be used is the *full DN* of the user, ie. the username
prefixed with the ldap user id attribute ("uid" in my case, but could be
anything really) and suffixed with the rest of the users domain, so it
should look something like:
...
userDN = searchKey+username+searchBase;
env.put(Context.SECURITY_PRINCIPAL, userDN);

I managed to "hack test" this by actually trying to login with my full
userDN, ie:
uid=maks,ou=users,ou=multimedia,o=ngv

And watching my ldap logfile I could see a successful bind, but then of
course the userlookup code back in the JtracLdapAuthenticationProvider
class fails because there is no such user as the full DN.

Also would there be any chance to add little bit more code to set a
users other details (fullname and email for instance) from LDAP data,
overwriting whats in jtrac's own DB? I can see th

Hopefully you get the chance to make this small fix and pls let me know
and I can test again.

Thanks again,
Maks.


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
j-trac-users mailing list
j-trac-users@...
https://lists.sourceforge.net/lists/listinfo/j-trac-users