Tony,

Thank you very much for your response. 

You mentioned that you are in the process of starting to code this JNDI
implementation. When you are done, please let me know, as I'm interested in
trying to get JNDIRealm to work.

Will SHA digest be supported in this implementation?


Thanks,
Shelly


Tony Dahbura wrote:
> 
> Shelly:
> I did not want to copy the whole list on your first question.  What you are
> trying to accomplish is a search to authenticate a user when the uid is not part
> of the dn.  I do not believe the JNDI implementation supports this now.
> 
> I am actually proposing to the group that we implement a full ldap realm module
> that does not run on top of JNDI but instead utilizes full ldap functionality to
> do things like you are trying to do.
> 
> I am in the process of starting to code this.  I will have a proposal out for
> the group in the next week.
> 
> Tony
> 
> Shelly wrote:
> 
> > Hello,
> >
> > I'm running Tomcat 4 on Unix and trying to use JNDIRealm for
> > authentication.
> > I use Netscape LDAP server, and the hierarchy of entries in the directory
> > is
> >
> >                          o=My Company
> >                                 |
> >                 +---------------+---------------+
> >                 |               |               |
> >             ou=People       ou=Groups          ...
> >                 |
> >         +-------+-------+
> >         |               |
> >     ou=Employee        ...
> >         |
> >   +-----+-----+
> >   |     |     |
> > enum=001 ... enum=111
> >
> > However, the login attribute is uid.
> >
> > When I do a search for a valid uid, it returns null.
> >
> > If I use DirContext.listBindings("") to get name-to-objects, no objects
> > are returned (please see the code below).
> > If I use DirContext.listBindings("o=My Company") to get name-to-objects,
> > it returns (Name: ClassName: Object):
> > ou=Resources: com.sun.jndi.ldap.LdapCtx: com.sun.jndi.ldap.LdapCtx@586fd3
> > ou=People: com.sun.jndi.ldap.LdapCtx: com.sun.jndi.ldap.LdapCtx@586jhk
> > ...
> >
> >         // Build the JNDI environment from the realm's connection settings
> >         Hashtable env = new Hashtable();
> >         env.put(Context.INITIAL_CONTEXT_FACTORY, contextFactory);
> >         if (connectionName != null)
> >             env.put(Context.SECURITY_PRINCIPAL, connectionName);
> >         if (connectionPassword != null)
> >             env.put(Context.SECURITY_CREDENTIALS, connectionPassword);
> >         if (connectionURL != null)
> >             env.put(Context.PROVIDER_URL, connectionURL);
> >         context = new InitialDirContext(env);
> >
> >         try {
> >             // Get listing of context
> >             NamingEnumeration bindings = context.listBindings("");
> >             // Go through each item in list
> >             while (bindings.hasMore()) {
> >                 Binding bd = (Binding)bindings.next();
> >                 log(bd.getName() + ": " + bd.getClassName() + ": " + bd.getObject());
> >             }
> >         } catch (NamingException e) {
> >             log("List Bindings failed: " + e);
> >         }
> >
> > If I bind dn="", I get an "HTTP Status 500 - Internal Server Error" message
> > when I access the secured page.
> >
> > I'm wondering if anyone knows the answers to any of the following
> > questions:
> >
> > 1. How do I get a dn from a uid when the uid is not part of the dn?
> > 2. Is SHA digest supported? When the LDAP server uses SHA digest for
> > userPassword, how do I encrypt SHA digest?
> > 3. How do I use an anonymous bind instead of using
> > connectionName/connectionPassword?
> >
> > Thanks
> >
> > Shelly
> >
> > --
> > To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 


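An added example, not part of the original thread and not Tomcat's JNDIRealm code: the search-then-bind pattern Tony describes, for a directory where uid is not part of the DN. It assumes the JDK's LDAP provider, a directory that permits anonymous search, and a placeholder server URL; the class name `UidSearchBind` is hypothetical.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;
public class UidSearchBind {
    // Assumed values: URL is a placeholder; BASE is the suffix shown in the question.
    static final String URL = "ldap://localhost:389";
    static final String BASE = "o=My Company";

    static DirContext open(String dn, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        if (dn != null) { // no principal set: the connection binds anonymously
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_PRINCIPAL, dn);
            env.put(Context.SECURITY_CREDENTIALS, password);
        }
        return new InitialDirContext(env);
    }

    /** Returns the entry's DN if uid and password are valid, otherwise null. */
    static String authenticate(String uid, String password) throws NamingException {
        // Many servers accept a simple bind with a DN and an empty password as an
        // unauthenticated bind that succeeds, so reject empty passwords up front.
        if (password == null || password.isEmpty()) return null;
        DirContext ctx = open(null, null); // anonymous connection used only for the search
        String dn;
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE); // uid is not in the DN
            sc.setReturningAttributes(new String[0]);        // only the DN is needed
            // {0} is filled in by JNDI with filter escaping, so "*" or ")" in uid stay literal data.
            NamingEnumeration<SearchResult> r = ctx.search(BASE, "(uid={0})", new Object[] { uid }, sc);
            if (!r.hasMore()) return null;  // unknown uid
            dn = r.next().getNameInNamespace();
            if (r.hasMore()) return null;   // more than one match: refuse rather than guess
        } finally { ctx.close(); }
        try {
            open(dn, password).close(); // binding as the user is the password check
            return dn;
        } catch (AuthenticationException e) { return null; }
    }

    public static void main(String[] args) throws NamingException {
        char[] pw = System.console().readPassword("Password for %s: ", args[0]);
        String dn = authenticate(args[0], new String(pw));
        System.out.println(dn == null ? "login rejected" : "authenticated as " + dn);
    }
}
```

Because the server checks the password during the bind, the client never has to compute or compare a SHA digest itself. A simple bind sends the password in cleartext, so outside a test setup the URL should be `ldaps://` or the connection otherwise protected by TLS.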