Basically. Also a "userLookupQuery" as an alternative to "userDnTemplate". I'd be happy to write the patch, but unfortunately by current work environment doesn't provide me the opportunity to test LDAP authentication. So, I'll write it if someone else can test it.
Thanks, Jared On 03/31/2011 04:26 PM, Les Hazlewood wrote: > So you mean a 'connectionUserDn' and a 'connectionPassword' to connect > to LDAP to perform ad-hoc queries, and not just the DN format that is > used for authenticating end-users via a bind operation. Correct? > > Thanks, > > Les > > On Thu, Mar 31, 2011 at 2:03 PM, Jared Bunting > <[email protected]> wrote: >> As was mentioned in the other thread, the ability to do a query (potentially >> with a configurable username/password) in order to determine the user dn >> would be enormously useful. This is a fairly standard way to do ldap >> authentication (typically the "username" is an attribute of the dn) and >> shiro should probably support it by default. >> >> Thanks, >> Jared >> >> On 03/31/2011 12:53 PM, Les Hazlewood wrote: >>> Hi folks, >>> >>> The latest LDAP support currently is in the form of the JndiLdapRealm. >>> >>> Unfortunately, this name has confused enough people - often they think >>> they need to be using JNDI in order to use it (this is not the case - >>> the JNDI API itself is used as an implementation strategy, and it does >>> not require that anything be actually stored in JNDI, but that's >>> beside the point). >>> >>> Because of this, there is a Jira issue to rename it to something else >>> for the next release (i.e. deprecate JndiLdapRealm and create a >>> 'DefaultJndiRealm' or something like that). When we do that, we have >>> the opportunity to make it better and/or add features. >>> >>> What is missing from Shiro's LDAP support that you would need in order >>> to use it 'out-of-the-box' with your apps? Ideally I'd like to get as >>> much in there such that subclassing is rarely necessary. >>> >>> All suggestions are welcome! >>> >>> Thanks, >>> >>> Les
signature.asc
Description: OpenPGP digital signature
