[JBoss-user] LDAP security in 3.0.x

Thu, 15 Aug 2002 14:19:54 -0700 

It appears that the relevant portion of code from
org.jboss.security.auth.spi.LdapLoginModule that I'm having problems
with is this:

         BasicAttributes matchAttrs = new BasicAttributes(true);
         if( matchOnUserDN == true )
            matchAttrs.put(uidAttrName, userDN);
         else
            matchAttrs.put(uidAttrName, username);
         String[] roleAttr =
         {roleAttrName};

and then:

            NamingEnumeration answer = ctx.search(rolesCtxDN,
matchAttrs, roleAttr);


In my testing, when I try and do a context.search() using a
BasicAttributes object as a parameter, I get no return.  If, however, I
use a String filter and use SearchControls, I get back the data I need
for my security roles.  Not sure why the BasicAttributes thing isn't
working right with Domino.

I may need to roll my own LdapLoginModule to make this work for me in
Domino.  I actually like the Tomcat-style LDAPRealm where you specify,
in MessageFormat format, a filter string and use either the DN or the
username (which is an email address, in our case).

I also don't like the assumption that my users are stored in a way that
would make the whole prefix + username + suffix thing work.  We have
users that are in different ou's so I can't construct a DN from only
the information given to me in a login form (or box).  Luckily, Domino
is forgiving enough that I can bind with a couple different kinds of
usernames WITHOUT specifying what attribute I'm matching with.  If I
was to use anything else, I'd probably have to rewrite that portion of
this login module as well.



=====
Thanks!

Jon Brisbin

[EMAIL PROTECTED]
417.682.6157 (h/w)
417.825.3995 (c)

__________________________________________________
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com


-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone?  Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to