Hello,
I have copied and used this code and had a small problem with it. If you
don't specify the roleCtxDn and roleFilter parameters it throws an error. As I
have a seperate database table for roles and only wanted to use LDAP for
Authentication this was a problem for me. I just skipped the role checking when
the parameters where null but you could make it an explicit option.
// Query for roles matching the role filter
if ((rolesCtxDN != null) && (roleFilter != null)) {
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
constraints.setReturningAttributes(new String[0]);
constraints.setTimeLimit(searchTimeLimit);
rolesSearch(ctx, constraints, username, userDN, recursion, 0);
}
Also all the options are added to the sign-on environment even when they are
not used which seems a bit dangerous to me. (It works with or without them!)
private InitialLdapContext constructInitialLdapContext(String dn,
Object credential) throws NamingException {
Properties env = new Properties();
Iterator iter = options.entrySet().iterator();
while (iter.hasNext()) {
Entry entry = (Entry) iter.next();
env.put(entry.getKey(), entry.getValue());
}
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3906038#3906038
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3906038
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
