Re: [PATCH] change jndi auth in tomcat
> LDAP authentication with a bind is supported in the JNDIRealm included
> with Tomcat 4.1

John, thanks for the info. I tested Tomcat 4.1.12 and noticed that HttpServletRequest.getUserPrincipal() returns a non-null object even if there has been absolutely no auth (new browser instance, no cookies, ...). If I extend the auth test in BasicAuthenticator.authenticate it works:

---
if (principal != null && !principal.getName().equals("")) {
---

--
Dipl. Inf. Carsten Burghardt
Login Solutions AG
email: [EMAIL PROTECTED]
Tel: 0821/2488-311
Fax: 0821/2488-180

--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: [PATCH] change jndi auth in tomcat
Carsten

LDAP authentication with a bind is supported in the JNDIRealm included with Tomcat 4.1

John

Carsten Burghardt wrote:

> Hi,
>
> I tried to get LDAP authentication working with Domino but noticed that
> the current code (I checked Tomcat 4.0.6, so if this is obsolete in a
> newer version forgive me) checks the given password against the
> retrieved one. This doesn't work as Domino uses a different hash
> algorithm. So I changed the getUserDN method from the JNDIRealm to auth
> with a bind. Here's my code:
>
> -
>     protected String getUserDN(DirContext context, String username,
>                                String credentials)
>         throws NamingException {
>
>         if (debug >= 2)
>             log("getUserDN(" + username + ")");
>         if (username == null)
>             return (null);
>         if ((userFormat == null) || (userPassword == null))
>             return (null);
>
>         // Build the DN for this user from the configured pattern
>         String dn = userFormat.format(new String[] { username });
>         if (debug >= 3)
>             log(" dn=" + dn);
>
>         // Bind as the user so the directory itself checks the password
>         context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
>         context.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);
>         if (debug >= 3)
>             log("Doing a lookup");
>         Object user = context.lookup(dn);
>         if (user == null) {
>             log("Lookup failed");
>             return (null);
>         }
>         return (dn);
>     }
> -
[PATCH] change jndi auth in tomcat
Hi,

I tried to get LDAP authentication working with Domino but noticed that the current code (I checked Tomcat 4.0.6, so if this is obsolete in a newer version forgive me) checks the given password against the retrieved one. This doesn't work as Domino uses a different hash algorithm. So I changed the getUserDN method from the JNDIRealm to auth with a bind. Here's my code:

-
    protected String getUserDN(DirContext context, String username,
                               String credentials)
        throws NamingException {

        if (debug >= 2)
            log("getUserDN(" + username + ")");
        if (username == null)
            return (null);
        if ((userFormat == null) || (userPassword == null))
            return (null);

        // Build the DN for this user from the configured pattern
        String dn = userFormat.format(new String[] { username });
        if (debug >= 3)
            log(" dn=" + dn);

        // Bind as the user so the directory itself checks the password
        context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
        context.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);
        if (debug >= 3)
            log("Doing a lookup");
        Object user = context.lookup(dn);
        if (user == null) {
            log("Lookup failed");
            return (null);
        }
        return (dn);
    }
-

--
Dipl. Inf. Carsten Burghardt
Login Solutions AG
email: [EMAIL PROTECTED]
Tel: 0821/2488-311
Fax: 0821/2488-180
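
An added example, not part of this thread and not Tomcat's JNDIRealm code: bind-style authentication as described above, written so that an empty password is rejected before any bind and the user name is escaped before it goes into the DN. The class name, the server URL and the DN pattern are assumptions made for illustration.

```java
import java.text.MessageFormat;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.Rdn;

public class BindAuthExample {
    // Assumed values for illustration; not taken from the thread.
    static final String PROVIDER_URL = "ldaps://ldap.example.org:636";
    static final String USER_PATTERN = "cn={0},o=example";

    /** Builds the DN, escaping the user name so it cannot add RDN components. */
    static String buildDn(String username) {
        return MessageFormat.format(USER_PATTERN, Rdn.escapeValue(username));
    }

    /** Returns the DN if the directory accepts a simple bind, else null. */
    static String authenticate(String username, String credentials)
            throws NamingException {
        // A simple bind with an empty password is an "unauthenticated bind"
        // (RFC 4513) that many servers accept, so it must never count as a login.
        if (username == null || username.isEmpty()
                || credentials == null || credentials.isEmpty())
            return null;
        String dn = buildDn(username);
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, PROVIDER_URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, credentials);
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env); // the bind happens here
            return dn;
        } catch (AuthenticationException e) {
            return null; // wrong password or unknown DN
        } finally {
            if (ctx != null) ctx.close(); // do not keep the user's credentials around
        }
    }

    public static void main(String[] args) throws NamingException {
        System.out.println(buildDn("jdoe,o=other"));  // comma is escaped in the DN
        System.out.println(authenticate("jdoe", "")); // rejected without a network call
    }
}
```

A separate context per login keeps the user's credentials out of any shared connection the realm reuses for searches.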