what about having the domino ldap tree in the jndi namespace? maybe this helps.
bax ----- Original Message ----- From: "Jon Brisbin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, August 15, 2002 11:37 PM Subject: [JBoss-user] LDAP security in 3.0.x > It appears that the relevant portion of code from > org.jboss.security.auth.spi.LdapLoginModule that I'm having problems > with is this: > > BasicAttributes matchAttrs = new BasicAttributes(true); > if( matchOnUserDN == true ) > matchAttrs.put(uidAttrName, userDN); > else > matchAttrs.put(uidAttrName, username); > String[] roleAttr = > {roleAttrName}; > > and then: > > NamingEnumeration answer = ctx.search(rolesCtxDN, > matchAttrs, roleAttr); > > > In my testing, when I try and do a context.search() using a > BasicAttributes object as a parameter, I get no return. If, however, I > use a String filter and use SearchControls, I get back the data I need > for my security roles. Not sure why the BasicAttributes thing isn't > working right with Domino. > > I may need to roll my own LdapLoginModule to make this work for me in > Domino. I actually like the Tomcat-style LDAPRealm where you specify, > in MessageFormat format, a filter string and use either the DN or the > username (which is an email address, in our case). > > I also don't like the assumption that my users are stored in a way that > would make the whole prefix + username + suffix thing work. We have > users that are in different ou's so I can't construct a DN from only > the information given to me in a login form (or box). Luckily, Domino > is forgiving enough that I can bind with a couple different kinds of > usernames WITHOUT specifying what attribute I'm matching with. If I > was to use anything else, I'd probably have to rewrite that portion of > this login module as well. > > > > ===== > Thanks! > > Jon Brisbin > > [EMAIL PROTECTED] > 417.682.6157 (h/w) > 417.825.3995 (c) > > __________________________________________________ > Do You Yahoo!? > HotJobs - Search Thousands of New Jobs > http://www.hotjobs.com > > > ------------------------------------------------------- > This sf.net email is sponsored by: OSDN - Tired of that same old > cell phone? Get a new here for FREE! > https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 > _______________________________________________ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user