Re: [JBoss-user] LDAP security in 3.0.x

Thu, 15 Aug 2002 14:33:46 -0700 

what about having the domino ldap tree in the jndi namespace? maybe this
helps.

bax
----- Original Message -----
From: "Jon Brisbin" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 15, 2002 11:37 PM
Subject: [JBoss-user] LDAP security in 3.0.x


> It appears that the relevant portion of code from
> org.jboss.security.auth.spi.LdapLoginModule that I'm having problems
> with is this:
>
>          BasicAttributes matchAttrs = new BasicAttributes(true);
>          if( matchOnUserDN == true )
>             matchAttrs.put(uidAttrName, userDN);
>          else
>             matchAttrs.put(uidAttrName, username);
>          String[] roleAttr =
>          {roleAttrName};
>
> and then:
>
>             NamingEnumeration answer = ctx.search(rolesCtxDN,
> matchAttrs, roleAttr);
>
>
> In my testing, when I try and do a context.search() using a
> BasicAttributes object as a parameter, I get no return.  If, however, I
> use a String filter and use SearchControls, I get back the data I need
> for my security roles.  Not sure why the BasicAttributes thing isn't
> working right with Domino.
>
> I may need to roll my own LdapLoginModule to make this work for me in
> Domino.  I actually like the Tomcat-style LDAPRealm where you specify,
> in MessageFormat format, a filter string and use either the DN or the
> username (which is an email address, in our case).
>
> I also don't like the assumption that my users are stored in a way that
> would make the whole prefix + username + suffix thing work.  We have
> users that are in different ou's so I can't construct a DN from only
> the information given to me in a login form (or box).  Luckily, Domino
> is forgiving enough that I can bind with a couple different kinds of
> usernames WITHOUT specifying what attribute I'm matching with.  If I
> was to use anything else, I'd probably have to rewrite that portion of
> this login module as well.
>
>
>
> =====
> Thanks!
>
> Jon Brisbin
>
> [EMAIL PROTECTED]
> 417.682.6157 (h/w)
> 417.825.3995 (c)
>
> __________________________________________________
> Do You Yahoo!?
> HotJobs - Search Thousands of New Jobs
> http://www.hotjobs.com
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by: OSDN - Tired of that same old
> cell phone?  Get a new here for FREE!
> https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user



-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone?  Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to