[JDEV] LDAP enabling the entire server

Robert Norris Robert.Norris at its.monash.edu.au
Wed May 9 22:43:44 CDT 2001 

I've been looking at making Jabber work with our LDAP server. The things
I've done so far:

 - Written a replacement plaintext auth module for the JSM that checks
   against the LDAP server.
 - Written an XDB module that handles 'vcard-temp' (only done 'get'
   operations so far).

(I'm not using the CVS xdb_ldap because it requires schema changes and
read access to userPassword, both of which our directory adminstrator is
somewhat reluctant to implement).

Next on the agenda was hacking the conference server to use an LDAP filter
for access control.

The problem is that every module that uses LDAP requires its own LDAP
settings (host, port, base DN, etc), as config cannot be shared across
modules.

My first thought was to solve this by having a module that performs LDAP
operations on behalf of other parts of the server, similar to what dnsrv
does for DNS. This could work, but the JSM module would not be able to
use it (at least not in any way I can see).

XDB is essentially what I want, except that it only has support for storage
and retrieval of data, not searching. I realise that its not really suited
to this task, but I think an abstract way of searching data would be quite
useful (maybe a seperate server module all together?)

Authentication is even harder. The LDAP authentication method is quite
idiosyncratic, and really belongs in the JSM, since (at least for now)
its an IM feature.

So I guess my questions are:

1. Is there any clean, modular, generic way to do LDAP (or SQL or whatever)
   operations all in one place.
2. Are there any plans to extend XDB (or some other mechanism) to perform
   searches?

I'd be happy to code anything that is needed, I just have can't flesh out
a nice solution in my head :)

Regards,
Rob.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <https://www.jabber.org/jdev/attachments/20010510/c8a55264/attachment-0002.pgp>

More information about the JDev mailing list