• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Tim Cooke
  • Devaka Cooray
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Rob Spoor
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
Bartenders:
  • Carey Brown
  • Roland Mueller

JAAS/LDAP question

 
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am trying to figure out what all is required to configure my server so that I can authenticate users using LDAP on the backend. Is it just a matter of setting a configuration file, or do I need to write some custom code to connect to the LDAP server?
I have googled JAAS/LDAP tutorials and they all say to write custom code in order to do this, but I thought that the JAAS framework would allow for the configuration file to just be modified in order to change how users are authenticated.

help
 
Ranch Hand
Posts: 580
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What server?
 
Elihu Smails
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Not sure what you are asking. I have a client/server architecture. I want the server to authenticate clients upon login using information stored in an LDAP server. My question is, do I have to write custom java code in order to perform this task, or can I just write a specific configuration file that JAAS can use in order to authenticate users with information found in the LDAP server.
 
James Carman
Ranch Hand
Posts: 580
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
When you say client/server application, what communication mechanism are you using? Raw sockets, RMI, JAX-RPC?
 
Elihu Smails
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The client/server portion part works fine. I am currently using a simple authentication module. I want to migrate to a LDAP authenication module. Do you know how to do this?
 
James Carman
Ranch Hand
Posts: 580
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
So, you're already using JAAS to do your authentication?
 
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you can find a LDAP LoginModule implementation for you , you can config it to be used in JAAS directly. If you cannot find one , you have to write one by yourself.
Another thing is all the code should be called by Subject.doAs or Subject.doAsPrivileged. So you would write some code for that. After that if you change the authentication to a database , you might just change your config file

Thanks

Lin
[ May 06, 2005: Message edited by: LIN FENG ]
 
Elihu Smails
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
OK, I have the JndiLoginModule working. Sorta. Now, is there a way to specify a bind password for the LDAP password? This is not the username/password that I am authenticating, but the username/password to connect to the LDAP server in order to authenticate users connecting to my server(see diagram)

client <---> server <---> LDAP
 
Well don't expect me to do the dishes! This ad has been cleaned for your convenience:
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic