Description
This is an issue to track an enhancements provided by Davy De Waele (nicely welcome list of changes ). Davy will include the code patch for this issue. I will apply the changes to svn after review. Here is a list of the changes performed:
Changed LDAP authentication
---------------------------
Instead of verifying the username/password combination by fetching the
password from the LDAP attribute, an LDAP bind is performed with the
provided credentials to see if the user is authenticated. Jetspeed
shouldn't be aware of how to decode an encoded password stored in LDAP.
(It should however, as is currently the case, be able to encode a
password in the LDAP server, in the case that the LDAP server doesn't
do
this automatically).
Implemented User-Group assignment
---------------------------------
Groups can be assigned/unassigned to users via the LdapSecurityMapper.
(Via the j2-group attribute on the user entry)
Implemented User-Role assignment
--------------------------------
Roles can be assigned/unassigned to users via the LdapSecurityMapper.
(Via the j2-role attribute on the user entry)
Implemented Group-Role assignment
---------------------------------
Groups can be assigned/unassigned to roles via the LdapSecurityMapper.
(Via the j2-role attribute on the group entry)
Supported LDAP Servers
----------------------
Implementation has been tested on OpenLDAP,Sun Directory Server and
Apache Directory Server. Documentation can be provided on how to setup
these LDAP servers for integrating with Jetspeed.