1 2 Previous Next 17 Replies Latest reply on Nov 3, 2009 10:42 AM by rareddy

    Custom Membership Domain

      Another topic...

      We've implemented a custom membership domain provider here dure to specific requirements regarding user authentication. It's being used with our MetaMatrix installation.

      I'm looking at the documentation (specifically the Server Extensions Developer Guide) to see how to implement the provider in Teiid.

      Right off the bat, I see the document refers to a "server-api.jar" to be used in development (second paragraph, page 7).

      Could someone direct me as to which specific jar file that would be? Because I can't find any one in either the teiid-6.2.0 or teiid-cdk-6.20 distributions with that name.

      Thanks.

        • 1. Re: Custom Membership Domain

          Actually, my biggest problem right now is looking at the existing code I have for the provider and figuring out what's where in the new libraries.

          For example, the code uses the PlatformPlugin and ServiceStateException classes, but I can't find which jar file(s) they're in. And I've gone through every single file in the lib folders for both distributions.

          Help?

          • 2. Re: Custom Membership Domain
            rareddy

            The Server Extension Guide has not been updated for the 6.2 release. Currently we are not planning on updating either. In 6.3 we are looking into JAAS based authentication. In 6.3 you could write a JAAS based plugin and able to use that with Teiid.

            For now the only suggestion I have is look at interface "MembershipDomain" that is the interface you need to implement for the custom membership domain. All you need is the Teiid-client-{version}.jar. Supply a "membership-xxx.properties" file in the "deploy" directory for supplying the properties to your implementation. Take look at FileMembership domain for an example.

            • 3. Re: Custom Membership Domain

              Well, considering the teiid-client-XXX.jar has neither of the above-mentioned classes, I guess that means I'll have to get the code rewritten from scratch, more or less.

              Thanks for the help anyways.

              • 4. Re: Custom Membership Domain
                rareddy

                hmm, you are right that code is still in "runtime" module. At one time we were moving external interfaces to client jar, some how it fell though the cracks. Anyway, you could use the runtime jar for you compilation, and then when you deploy you only need to bundle your classes. Sorry, some of legacy server stuff is gone, as it is not relevant to Teiid's approach, but you code for Memership domain should match one on one with the interface as that did not change much.

                • 5. Re: Custom Membership Domain

                  OK, so for the record, what jar files do I need to implement a custom membership domain?

                  • 6. Re: Custom Membership Domain

                    Oh, and Houston, we have a problem.

                    The example code for FileMembershipDomain (y'know, the one in the document) is still asking for ServiceStateException, and it's still nowhere to be found in any of the jar files included with the Teiid distribution.

                    • 7. Re: Custom Membership Domain
                      rareddy

                      Do you have the source code for Teiid? If not get it and look at the source code. Otherwise browse the anonymous svn here
                      http://anonsvn.jboss.org/repos/teiid/

                      Then in "runtime" module look for class

                      com.metamatrix.platform.security.membership.spi.file.FileMembershipDomain
                      


                      I do not see any reference to ServiceStateException in there, and code is in "runtime" module as I specified in the last post. The MembershipDomain interface is also defined in the same module. Look for "teiid-runtime-{version}.jar" in "lib" directory of the Teiid to be included with your compilation of custom membership.

                      Nestor, you need to start doing some home work on your own before posting a question, after all this is Open Source.

                      • 8. Re: Custom Membership Domain

                        Let me explain my situation to you.

                        I work in a secure environment, where the machines running the code do not connect to the outside world.

                        That means that the machine I'm typing this on is not the one I'm doing the work on. To load any software on my work machine, I have to go through a process where I request the files I need to another party and then wait for them to download and sanitize the files before I can get my hands on it.

                        And every time I post an error code here, I'm having to manually type in the whole thing; no copy-and-paste available to me.

                        I'm looking at the document (membership_domain_guide.pdf) where the sample code clearly uses ServiceStateException. So what you're telling me is that the documentation is not only out-of-date, it's obsolete.

                        I didn't realize that "Open Source" translated to "we don't bother to document the stuff; you'll just have to figure it out on your own". I guess I stand corrected.

                        Thank you for your assistance.

                        • 9. Re: Custom Membership Domain
                          rareddy

                          Nestor,

                          I didn't realize that "Open Source" translated to "we don't bother to document the stuff; you'll just have to figure it out on your own". I guess I stand corrected.


                          We strive hard to provide good documentation and good product. Due to limited resources some times some features and documentation tasks will not get gone in timely manner. In those situations Open Source depends on people like you to figure out and pitch in and fill in gaps.

                          I told you the situation behind why the document is not up to date, when that might happen and how Teiid team is going to redo it. I explained how to go about implementing it in Teiid. I understand your situation, but I am Sorry, I can not help with it.

                          I am more than willing to help you succeed, and I have been and I will in future as along you are willing do your part.

                          Yes, document is obsolete. Can please write a JIRA on this to update doc.

                          Did you get past the errors in your CustomMembership?

                          • 10. Re: Custom Membership Domain

                            I'm working on requesting the source code to be downloaded into the internal network so that I'll have it available in my development environment.

                            In the meantime, I printed out the code for the FileMembershipDomain so as to at least have the up-to-date code to look at. I'm using it as a base to see how I can update the code to the new way-of-things.

                            In the same vein, are the API docs available as a zipped up archive that I could bring over? It would make it easier for me not to have to jump from one machine to the other to do my "homework."

                            Unless the API docs are also out-of-date.

                            • 11. Re: Custom Membership Domain
                              shawkins

                              Hi Nestor,

                              It's important to highlight here there's a difference between Teiid the project and the eventual data services platform product. Teiid the project undergoes rapid changes and the further the documentation is from the code, the more easily it gets out-of-date. Also given that custom membership domains are not an often used feature, it was not a high project priority to update that documentation. But that's not to say it won't be done - your JIRA will focus this effort. The data services platform product on the other hand must have it's documentation up-to-date for all supported features. So what you're seeing now is mostly due to not going through a product cycle where relevant documentation updates would be contributed back to the project. The best thing to do in any case is to keep the JIRAs flowing as it will help shape things sooner and more to your liking!

                              • 12. Re: Custom Membership Domain

                                Fine. I have some thoughts regarding your statements, but this is not the place to discuss them.

                                Keeping to the topic in this thread, could someone please point out to me how I can add the Platform Plugin class to my code?

                                If I'm interpreting the pom.xml file in the source distribution (this is me, doing my homework), it's under the server module, which I guess gets built into a teiid-server-6.2.0.jar file.

                                I can't find that file anywhere. It's certainly not in the teiid-6.2.0-dist.zip file that you can download from the site.

                                • 13. Re: Custom Membership Domain
                                  rareddy

                                  Nestor,

                                  If I'm interpreting the pom.xml file in the source distribution (this is me, doing my homework), it's under the server module, which I guess gets built into a teiid-server-6.2.0.jar file.

                                  I can't find that file anywhere. It's certainly not in the teiid-6.2.0-dist.zip file that you can download from the site.


                                  "Server" is defunct project and none of Teiid depends on this project any more. This project even got deleted right after the 6.2 release. Your previous code for custom membership service from Metamatrix line will not work *as is* in the Teiid, you would have to make modifications to your code so that it does not depend on any Teiid classes other than the "MembershipDomain" interface. This is the only interface Teiid requests from the user to implement for the Custom Membership.

                                  PlatfromPlugin was an internal class to MetaMatrix, it should not have been used in other places than in Metamatrix code. Also, Teiid service architecture changed, so there are changes related "Service" classes.

                                  • 14. Re: Custom Membership Domain

                                    I'm fully aware that things have changed greatly with Teiid. Nice to find out about the server module, though.

                                    The code I'm looking at was using PlatformPlugin to obtain a standard error message for when the username and/or credential is null in the authenticateUser() method, similar to how the LDAPMembershipDomain class uses DQPEmbeddedPlugin for that purpose.

                                    Any suggestions as to where I can search to find an equivalent?

                                    Oh, and at the risk of being nit-picky, MembershipDomain is by far not the only Teiid class or interface necessary to implement a custom membership domain.

                                    I'd give you the full list, but I'd have to type every single one out (isolated secure development environment, remember?) and I'm just too busy trying to get this code working to spend the time doing so.

                                    1 2 Previous Next