Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

CustomRealm without listing Group Members

0 views

Skip to first unread message

Andreas Schlüter

unread,

May 26, 2001, 3:02:56 PM5/26/01

Hi,

we are considering to implement a custom security realm. We have a fixed number
of groups to be used in ACLs. Users are stored in an LDAP server.
Group membership depends on some information on the individual user which needs
to be gathered from a separate backend system. Therefore, it is not feasible to
implement the getMembers() method on the Group class since that means iterating
over all "user records" in the backend system.
Here my question:
1. Is the getMembers() method needed for Authorization and/or Authentication or
can we simply make it return an empty list? (We do not mind if we do not see group
members in the administration console.)
2. Is it a good idea at all to have this kind of group definition?
3. What about the method "getUsers" for the ListableRealm? Is this one needed
for Authorization/Authentification. This method poses a similar problem.

Regards,

Andreas

Alf

unread,

May 28, 2001, 1:14:22 PM5/28/01

> 1. Is the getMembers() method needed for Authorization and/or
Authentication or
> can we simply make it return an empty list? (We do not mind if we do not
see group
> members in the administration console.)

I think this method is not needed at all for authentication and
authorization, it's only used to list the users in the WL admin page.

> 3. What about the method "getUsers" for the ListableRealm? Is this one
needed
> for Authorization/Authentification. This method poses a similar problem.

Same answer.

0 new messages