On 5/30/07, Alex Karasulu <[EMAIL PROTECTED]> wrote:
Enrique, I'm guessing you use "internal" for the value of the Context.SECURITY_AUTHENTICATION [0] JNDI parameter. Is this a correct presumption?
Yes.
This parameter is hence used to set the authentication level, right? I guess this is attractive to do since it marks the Context for the life of the Context and you can differentiate it from LDAP sessions which authenticate on InitialContexts using the other authentication levels. In this case your tactic would work but it could be implemented a little better. There is no reason why we should have to do this with the authentication level, which is really orthogonal to your aim of identifying "who" is attempting the authentication.
Actually, I very much care whether the request is internal vs. external and much much less "who" is attempting the authentication. The issue with what I want to do is that certain operations must NEVER be allowed to occur from outside the server. Basing this upon the bind principal does not help since a bind principal can be compromised. To avoid a security problem when a principal is compromised, I must prevent certain operations from ever occurring from outside the server, and thus I must know whether a request is coming from inside vs. outside the server and not who the bind principal is.
The SECURITY_PRINCIPAL environment parameter already does this, so why not just use it? All we need to do is create some standard principals for these services that come with ApacheDS out of the box, packaged into the DIT. We can easily promote these principals to the point of having administrator-like powers. I added some standard groups to ADS to allow this. This by far is the best mechanism I can see. This property is specifically there for answering your question. Also you can extract it from the ServerContext.getPrincipal() method which contains the normalized DN of the binding principal.
I very specifically care to know when requests are being made internal vs. external to the server, so SECURITY_PRINCIPAL is not what I want. The fact that "internal" could be used as an authenticationLevel is a possible bonus in ACI evaluation, but I'm sorry I brought it up since it has obviously confused my original question about how to determine whether a request is coming from inside vs. outside the server.

Enrique