Re: [Resin-interest] LDAPAuthenticator with ActiveDirectory
Hi I'm also interested in LDAP authentification, our new customer is a big organization, and they want our application to use LDAP services for authentification. I must say that I know very few about this. I could not find any class in resin's doc about LDAP, but found a page here from Ferg : http://bugs.caucho.com/view.php?id=666 It seems rather complex for me, as I'm reading these pages, I would need to include Acegi framework, then Spring framework, and finally a Resin adaptor which is a whole project itself... For my application, I only need a very simple java class getting current user name from LDAP, so a web user that is already authenticated does not have to retype its login/password... But I really don't know if it can be as simple as that... ! cilquirm wrote: Does anyone have any experience using Caucho's LDAPAuthenticator with ActiveDirectory? Still continuing on my quest to investigate possible ActiveDirectory authentication options. Any help would be appreciated. Thanks, -a -- Très cordialement, Riccardo Cohen ligne directe : 02-47-49-63-24 --- Articque http://www.articque.com 149 av Général de Gaulle 37230 Fondettes - France tel : 02-47-49-90-49 fax : 02-47-49-91-49 ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] LDAPAuthenticator with ActiveDirectory
I ended up writing my own authenticator extending Caucho's AbstractAuthenticator because I need to use ldaps and need some custom functionality. Things should work if the default PROVIDER_URL is good for you (ie ldap://localhost:389). Bill On 5/3/07, Riccardo Cohen [EMAIL PROTECTED] wrote: Hi I'm also interested in LDAP authentification, our new customer is a big organization, and they want our application to use LDAP services for authentification. I must say that I know very few about this. I could not find any class in resin's doc about LDAP, but found a page here from Ferg : http://bugs.caucho.com/view.php?id=666 It seems rather complex for me, as I'm reading these pages, I would need to include Acegi framework, then Spring framework, and finally a Resin adaptor which is a whole project itself... For my application, I only need a very simple java class getting current user name from LDAP, so a web user that is already authenticated does not have to retype its login/password... But I really don't know if it can be as simple as that... ! cilquirm wrote: Does anyone have any experience using Caucho's LDAPAuthenticator with ActiveDirectory? Still continuing on my quest to investigate possible ActiveDirectory authentication options. Any help would be appreciated. Thanks, -a -- Très cordialement, Riccardo Cohen ligne directe : 02-47-49-63-24 --- Articque http://www.articque.com 149 av Général de Gaulle 37230 Fondettes - France tel : 02-47-49-90-49 fax : 02-47-49-91-49 ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] LDAPAuthenticator with ActiveDirectory
There are many tutorials/examples on the web. This one covers both security and searches: http://java.sun.com/products/jndi/tutorial/ldap/ Bill On 5/3/07, Riccardo Cohen [EMAIL PROTECTED] wrote: All right, but if I want to write my own one, I need to know ldap protocole :)... where do you find this ? Bill Au wrote: I ended up writing my own authenticator extending Caucho's AbstractAuthenticator because I need to use ldaps and need some custom functionality. Things should work if the default PROVIDER_URL is good for you (ie ldap://localhost:389). Bill On 5/3/07, *Riccardo Cohen* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hi I'm also interested in LDAP authentification, our new customer is a big organization, and they want our application to use LDAP services for authentification. I must say that I know very few about this. I could not find any class in resin's doc about LDAP, but found a page here from Ferg : http://bugs.caucho.com/view.php?id=666 It seems rather complex for me, as I'm reading these pages, I would need to include Acegi framework, then Spring framework, and finally a Resin adaptor which is a whole project itself... For my application, I only need a very simple java class getting current user name from LDAP, so a web user that is already authenticated does not have to retype its login/password... But I really don't know if it can be as simple as that... ! cilquirm wrote: Does anyone have any experience using Caucho's LDAPAuthenticator with ActiveDirectory? Still continuing on my quest to investigate possible ActiveDirectory authentication options. Any help would be appreciated. Thanks, -a -- Très cordialement, Riccardo Cohen ligne directe : 02-47-49-63-24 --- Articque http://www.articque.com 149 av Général de Gaulle 37230 Fondettes - France tel : 02-47-49-90-49 fax : 02-47-49-91-49 ___ resin-interest mailing list resin-interest@caucho.com mailto:resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest -- Très cordialement, Riccardo Cohen ligne directe : 02-47-49-63-24 --- Articque http://www.articque.com 149 av Général de Gaulle 37230 Fondettes - France tel : 02-47-49-90-49 fax : 02-47-49-91-49 ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] LDAPAuthenticator with ActiveDirectory
Thanks a lot. I think I'll first try http://www.openldap.org/jldap/ :) Bill Au wrote: There are many tutorials/examples on the web. This one covers both security and searches: http://java.sun.com/products/jndi/tutorial/ldap/ Bill On 5/3/07, *Riccardo Cohen* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: All right, but if I want to write my own one, I need to know ldap protocole :)... where do you find this ? Bill Au wrote: I ended up writing my own authenticator extending Caucho's AbstractAuthenticator because I need to use ldaps and need some custom functionality. Things should work if the default PROVIDER_URL is good for you (ie ldap://localhost:389). Bill On 5/3/07, *Riccardo Cohen* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hi I'm also interested in LDAP authentification, our new customer is a big organization, and they want our application to use LDAP services for authentification. I must say that I know very few about this. I could not find any class in resin's doc about LDAP, but found a page here from Ferg : http://bugs.caucho.com/view.php?id=666 It seems rather complex for me, as I'm reading these pages, I would need to include Acegi framework, then Spring framework, and finally a Resin adaptor which is a whole project itself... For my application, I only need a very simple java class getting current user name from LDAP, so a web user that is already authenticated does not have to retype its login/password... But I really don't know if it can be as simple as that... ! cilquirm wrote: Does anyone have any experience using Caucho's LDAPAuthenticator with ActiveDirectory? Still continuing on my quest to investigate possible ActiveDirectory authentication options. Any help would be appreciated. Thanks, -a -- Très cordialement, Riccardo Cohen ligne directe : 02-47-49-63-24 --- Articque http://www.articque.com http://www.articque.com 149 av Général de Gaulle 37230 Fondettes - France tel : 02-47-49-90-49 fax : 02-47-49-91-49 ___ resin-interest mailing list resin-interest@caucho.com mailto:resin-interest@caucho.com mailto:resin-interest@caucho.com mailto:resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com mailto:resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest -- Très cordialement, Riccardo Cohen ligne directe : 02-47-49-63-24 --- Articque http://www.articque.com 149 av Général de Gaulle 37230 Fondettes - France tel : 02-47-49-90-49 fax : 02-47-49-91-49 ___ resin-interest mailing list resin-interest@caucho.com mailto:resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest -- Très cordialement, Riccardo Cohen ligne directe : 02-47-49-63-24 --- Articque http://www.articque.com 149 av Général de Gaulle 37230 Fondettes - France tel : 02-47-49-90-49 fax : 02-47-49-91-49 ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] LDAPAuthenticator with ActiveDirectory
I'm also interested in LDAP authentification, our new customer is a big organization, and they want our application to use LDAP services for authentification. I must say that I know very few about this. I could not find any class in resin's doc about LDAP Resin includes a class com.caucho.server.security.LdapAuthenticator An example usage is below: authenticator typecom.caucho.server.security.LdapAuthenticator/type init jndi-env java.naming.provider.url=ldap://localhost:389/ dn-suffixdc=example,dc=com/dn-suffix user-attributeuid/user-attribute !-- default is uid -- password-attributeuserPassword/password-attribute !-- default is userPassword -- password-digestnone/password-digest /init /authenticator The current (3.1.0) implementation does not obtain roles, it returns true for any isUserInRole request if the user has successfully been authenticated. Logging at the fine level is useful while setting it up, and the source code is fairly simple and worth taking a look at. -- Sam ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] LDAPAuthenticator with ActiveDirectory
Date: Thu, May 03, 2007 at 07:28:55PM +0200 Subject: Re: [Resin-interest] LDAPAuthenticator with ActiveDirectory thanks that's great, and we may use it for a 3,1 server. Now we are in 3,0,18, so I'll look at openldap The LdapAuthenticator has been available since version 3.0.19. -- Sam ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
[Resin-interest] LDAPAuthenticator with ActiveDirectory
Does anyone have any experience using Caucho's LDAPAuthenticator with ActiveDirectory? Still continuing on my quest to investigate possible ActiveDirectory authentication options. Any help would be appreciated. Thanks, -a -- View this message in context: http://www.nabble.com/LDAPAuthenticator-with-ActiveDirectory-tf3683387.html#a10295197 Sent from the Resin mailing list archive at Nabble.com. ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest