Updated metacat login semantics. Now, metacat assumes the username passedin is the 'full' distinguished name of the user. If that fails, theninstead it tries looking up the string and seeing if it can determinewhat the DN is, then uses it. The preferred method of logging in via...
fixed to get groupnames for a user using any identifying name
added support for multiple group membership
fixed bug - hardcoded LDAP URL
made use of the new property for ldaps url;it is used for secure connection to LDAP server listening on second port 636 by default with SSL sockets;it is used from Metacat for the authetication process only;all the rest communications with LDAP server are made on the default port 389 with plain sockets
fixed the problem with empy password authentication.Ldap somehow allows DirContext to be createdwhen empty password is provided as in our caseinstead of comlaining like with wrong password string.So included a check for empty password in order to reject the login.
Changes related to running LDAP servers referred each other in one tree modeling the KNB tree.Currently there are running LDAP server on dev that holds the KNB root and the NCEAS' s subtree.It also refers to a subtree modeling the LTER's tree which is held by another LDAP server runnig on alpha .
fixes on getting information from LDAP services
fixes around getUsers and getGroups."getprincipals" action can now produce output like:<principals> <group> <groupname>Administrators<groupname> <user> <username>uid=admin,o=NCEAS, c=US<username> </user> </group>...
Included back getting the list of users and groups stored in auth schemethrough new action="getprincipals". No extra parameters are needed.Any logged in users are able to get this information
included missing implementation of getUsers(), getGroups() interfaces
added precise location information (class.method) to each catch statement so that errors are more easily traced.
Added license terms to source code files, and cleaned up some javadocdocumentation in a few places.
Updated the Javadoc documentation so that the current release can be providedon the web site.
Fixed problem with AuthInterface, AuthLdap, and AuthMcat where thesigantures of the methods of these classes were not in agreement, which wascausing AuthLdap to no longer compile. Changed parameter signatures so thatthe 'user' parameter is used consistently in all of the methods.
Fixed the LDAP authentication adapter (AuthLdap.java) so that it now looks upthe distinguished name for a user before attempting to do authentication.This is because the user's distinguished name can sometimes be based ontheir uid attribute, but sometimes be based on their cn (common name)...
merge AUTH_LDAP to the main branch