ldap mvnforum

Wed, Dec 14, 2005

LDAP enabling mvnForum

These notes are for 1.0.0 RC4 update 4. There’s a struts action that handles authentication but it’s not used in this release. Apparently the long term plan is to migrate mvnForum to struts so all this will probably change.

com.mvnforum.auth.OnlineUserFactoryLDAPImpl – extends com.mvnforum.auth.OnlineUserFactoryImpl - overrides getAuthenticatedUser() – adds createUser() method

com.mvnforum.auth.LDAPAuthenticator – Authenticates against LDAP and provides limited LDAPMemberBean functionality

com.mvnforum.auth.LDAPMemberBean – Provides LDAP information for a user

com.mvnforum.db.MinervaBean – Provides JDBC functionality to get a user’s modules

WEB-INF/classes/minerva.properties – Connection parameters for MinvervaBean

mvnforum/WEB-INF/lib/ldap.jar

mvnforum/properties/mvnforum.xml:

<mvnforumfactoryconfig>   …   <onlineuser_implementation>com.mvnforum.auth.OnlineUserFactoryLDAPImpl</onlineuser_implementation>   … </mvnforumfactoryconfig>

The JSP pages are a bit of a problem as they use the default password field “MemberMatkhau” which gets md5 encrypted by the system. There doesn’t seem to be a way to turn the encryption off. The workaround is to add a new password field that the system doesn’t know about and so won’t encrypt:

<input type=“password” name=“ldapPasswd” size=“15” onKeyPress=“checkEnter(event);">

and change the default password field “MemberMatkhau” to a hidden field and set it to whatever the LDAP password field is:

<input type=“hidden” name=“MemberMatkhau” value=“document.submitform.ldapPasswd.value”>

srcweb/mvnplugin/mvnforum/admin/login.jsp srcweb/mvnplugin/mvnforum/user/index.jsp srcweb/mvnplugin/mvnforum/user/login.jsp

comments powered by Disqus