[MGNLLDAP-49] Pass on email and other user properties from LDAP record to Magnolia Created: 03/Jan/11 Updated: 15/Dec/11 Resolved: 09/Jun/11 |
|
| Status: | Closed |
| Project: | LDAP Connector |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 1.4.3 |
| Type: | Improvement | Priority: | Neutral |
| Reporter: | Magnolia International | Assignee: | Philipp Bärfuss |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Attachments: |
|
||||||||||||
| Issue Links: |
|
||||||||||||
| Template: |
|
||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||
| Description |
|
While the LDAP module currently reads out all properties from a user's record (info.magnolia.jaas.sp.ldap.LDAPAuthenticationModule#extractAttributes), those properties are not passed on in the User instance in Magnolia. As far as I can tell, this is because of
While this is entirely and easily fixable within the current framework, it sounds like one more reason to move away from jaas, or at least move to a LoginModule that completely delegates to Magnolia, following which we'd have a ldap-specific UserManager implementation. And/or a LDAPUser implementation. |
| Comments |
| Comment by Magnolia International [ 04/Jan/11 ] |
|
Simple patches - also implies a change in core's ExternalUser class. To be considered before applying the patch: why do we pass the user's password in the user's object ? Since these objects might be persisted in sessions, this is a potential security problem. (the patch comments out the line of code that passes it, and that has apparently no unwanted side-effect) edit: the password needs to be kept around for activation to work. |
| Comment by Magnolia International [ 09/Jun/11 ] |
|
Patch for core's ExternalUser: see |