Hello, Yes, if you have more complex search/query requirements than what is supported by default, overriding queryForAuthenticationInfo is the recommended approach.
Cheers, Les On Tue, May 17, 2011 at 1:40 PM, emaayan <[email protected]> wrote: > our user name is held in sAMAccountName attribute instead of the principal > and the only way i could find out is to override queryForAuthenticationInfo > like that, and do a replace of the attributes, > is thet simplest way? > > @Override > protected AuthenticationInfo queryForAuthenticationInfo(final > AuthenticationToken token, final LdapContextFactory ldapContextFactory) > throws NamingException { > //final AuthenticationInfo queryForAuthenticationInfo = > super.queryForAuthenticationInfo(token, ldapContextFactory); > final UsernamePasswordToken upToken = (UsernamePasswordToken) > token; > LdapContext ctx = null; > try { > ctx = > ldapContextFactory.getLdapContext(upToken.getUsername(), > String.valueOf(upToken.getPassword())); > final String attribName = "userPrincipalName"; > final SearchControls searchCtls = new > SearchControls(SearchControls.SUBTREE_SCOPE,1,0,new > String[]{attribName},false,false); > final NamingEnumeration<SearchResult> search = > ctx.search(searchBase, > "(&(objectClass=*)(sAMAccountName={0}))",new > Object[]{upToken.getPrincipal()},searchCtls ); > if(search.hasMore()){ > final SearchResult next = > search.next(); > > upToken.setUsername(next.getAttributes().get(attribName).get().toString()); > } > } finally { > LdapUtils.closeContext(ctx); > } > return buildAuthenticationInfo(upToken.getUsername(), > upToken.getPassword()); > } > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/overiding-the-search-for-principal-Name-tp6375068p6375068.html > Sent from the Shiro User mailing list archive at Nabble.com.
