ldap

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

ldap

Vince Clark
It appears as though the ldap integration expects username/pw entries in the directory are created through an ldap client, not OFBiz. If this is correct that means you would have to

    1. create a username/pw in the ldap directory.
    2. create the exact same user login in OFBiz.
    3. Upon first login the pw in the directory would over write the pw in OFBiz.

Do I understand this correctly?

I would like to have any user login that is added in OFBiz to be created in the directory. Also when a user changes their pw in OFBiz it would be updated in the directory. As far as I can tell the current implementation doesn't support that.

If not, can anyone recommend a web based ldap client that gives users the ability to change a pw? I don't want them to have the ability to administer the directory, just manage their own pw, and maybe other profile information.
Reply | Threaded
Open this post in threaded view
|

Re: ldap

Shi Jinghai
Yes, you're quite right. You can use the implementation in JBoss Portal
as a sample.

Regards,

Shi Jinghai/Beijing Langhua Ltd.


在 2009-03-29日的 15:37 -0700,Vince M. Clark写道:

> It appears as though the ldap integration expects username/pw entries in the directory are created through an ldap client, not OFBiz. If this is correct that means you would have to
>
>     1. create a username/pw in the ldap directory.
>     2. create the exact same user login in OFBiz.
>     3. Upon first login the pw in the directory would over write the pw in OFBiz.
>
> Do I understand this correctly?
>
> I would like to have any user login that is added in OFBiz to be created in the directory. Also when a user changes their pw in OFBiz it would be updated in the directory. As far as I can tell the current implementation doesn't support that.
>
> If not, can anyone recommend a web based ldap client that gives users the ability to change a pw? I don't want them to have the ability to administer the directory, just manage their own pw, and maybe other profile information.

Reply | Threaded
Open this post in threaded view
|

Re: ldap

Jacques Le Roux
Administrator
In reply to this post by Vince Clark
Quick answer : have you had a look at
http://docs.ofbiz.org/display/OFBIZ/FAQ+-+Tips+-+Tricks+-+Cookbook+-+HowTo#FAQ-Tips-Tricks-Cookbook-HowTo-CAS ?

Jacques

From: "Vince M. Clark" <[hidden email]>

> It appears as though the ldap integration expects username/pw entries in the directory are created through an ldap client, not
> OFBiz. If this is correct that means you would have to
>
>    1. create a username/pw in the ldap directory.
>    2. create the exact same user login in OFBiz.
>    3. Upon first login the pw in the directory would over write the pw in OFBiz.
>
> Do I understand this correctly?
>
> I would like to have any user login that is added in OFBiz to be created in the directory. Also when a user changes their pw in
> OFBiz it would be updated in the directory. As far as I can tell the current implementation doesn't support that.
>
> If not, can anyone recommend a web based ldap client that gives users the ability to change a pw? I don't want them to have the
> ability to administer the directory, just manage their own pw, and maybe other profile information.
>


Reply | Threaded
Open this post in threaded view
|

Re: ldap

Shi Jinghai
CAS is not LDAP.

As CAS mentioned, I just put our OFBiz-CAS component's road map here:

We'll update our OFBiz-LDAP implement to support CAS protocal 2.0 (and
PersonDirectory), separate it from the LDAP part(use /serviceValidate to
get user's attributes, not get it from LDAP) and authz/authn in April
(next week exactly).

And as we have designed a new CAS login page which may be released with
CAS 4.0 in this year, we'll not use the redirect-to-cas-login-page
style, we will put an iframe into OFBiz login page. See a sample design
here:
New CAS iframe:
http://www.langhua.cn/viewvc/svn/pics/CAS/trunk/pic/jasig_styleC.jpg?view=markup
The iframe part will be this version of CAS login:
http://www.langhua.cn/viewvc/svn/pics/CAS/trunk/pic/jasig11.jpg?view=markup

When CAS 4.0 comes out, we'll update OFBiz-CAS to support OpenID and
SAML 2.0.

This is the road map of OFBiz-CAS component in 2009.

Enjoy it,

Shi Jinghai/Langhua Opensource Foundations

You're mountains, we're a valley.


在 2009-03-31二的 10:19 +0200,Jacques Le Roux写道:

> Quick answer : have you had a look at
> http://docs.ofbiz.org/display/OFBIZ/FAQ+-+Tips+-+Tricks+-+Cookbook+-+HowTo#FAQ-Tips-Tricks-Cookbook-HowTo-CAS ?
>
> Jacques
>
> From: "Vince M. Clark" <[hidden email]>
> > It appears as though the ldap integration expects username/pw entries in the directory are created through an ldap client, not
> > OFBiz. If this is correct that means you would have to
> >
> >    1. create a username/pw in the ldap directory.
> >    2. create the exact same user login in OFBiz.
> >    3. Upon first login the pw in the directory would over write the pw in OFBiz.
> >
> > Do I understand this correctly?
> >
> > I would like to have any user login that is added in OFBiz to be created in the directory. Also when a user changes their pw in
> > OFBiz it would be updated in the directory. As far as I can tell the current implementation doesn't support that.
> >
> > If not, can anyone recommend a web based ldap client that gives users the ability to change a pw? I don't want them to have the
> > ability to administer the directory, just manage their own pw, and maybe other profile information.
> >
>
>