
Getting current LDAP server name from App server (J2EE Container)

 
owen moony
Greenhorn
Posts: 3
Hi,

How can you get the name of the LDAP server that the app server is using for security from within an EJB?

The reason I ask is so that I can do a lookup to get an attribute (their email address) from the LDAP server for this user.

Thanks,
Owen.
 
Srikanth Shenoy
author
Ranch Hand
Posts: 184
You can always pass values using env-entries. That is one quick and dirty solution.

Your app server creates a subclass of Principal (this is the object returned when you call getCallerPrincipal on EJB Context). You need to further subclass this and add the email as an instance variable. Then customize your app server security SPI implementation so that your subclass is returned.


For instance, in WebLogic it is called SSPI (basically a bunch of classes for authN, authZ or identity assertion (if using perimeter authentication), etc.).
For WebSphere it is User Registry or Trust Association Interceptor (TAI) (if using perimeter authentication).
For Tomcat it is the Realm classes (I think... cannot recall the exact name in Tomcat).
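
The env-entry approach discussed in this thread, as an added example that is not code from either poster: an EJB helper reads the LDAP URL from `java:comp/env` and fetches the caller's `mail` attribute, escaping the caller name per RFC 4515 so it cannot change the search filter. The env-entry names `ldap/providerUrl` and `ldap/userBase`, the `uid` attribute, and the anonymous bind are assumptions.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class CallerEmailLookup {

    // RFC 4515 escaping so a caller name cannot alter the search filter.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // callerName is the value of ejbContext.getCallerPrincipal().getName()
    public static String findEmail(String callerName) throws NamingException {
        // Hypothetical env-entry names, set per server in the deployment descriptor.
        Context env = (Context) new InitialContext().lookup("java:comp/env");
        String url = (String) env.lookup("ldap/providerUrl");
        String base = (String) env.lookup("ldap/userBase");

        Hashtable<String, String> props = new Hashtable<>();
        props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        props.put(Context.PROVIDER_URL, url);
        DirContext ctx = new InitialDirContext(props);  // anonymous bind assumed
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            sc.setReturningAttributes(new String[] {"mail"});  // fetch only what is needed
            String filter = "(uid=" + escapeFilterValue(callerName) + ")";
            NamingEnumeration<SearchResult> hits = ctx.search(base, filter, sc);
            if (!hits.hasMore()) return null;                   // no such user
            Attribute mail = hits.next().getAttributes().get("mail");
            if (hits.hasMore()) throw new NamingException("more than one entry matched");
            return mail == null ? null : (String) mail.get();
        } finally {
            ctx.close();
        }
    }
}
```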
 
owen moony
Greenhorn
Posts: 3
Thanks for the reply Srikanth.

It's funny that you mention env entries - that's what we currently do and an Ant script changes this for each server that is deployed to. If we could remove this - by getting the LDAP server name from the app server - then we could almost (with a bit more tweaking) use the same ear for each server and not have to build\modify the ear for each server.

I am interested in this...
Originally posted by Srikanth Shenoy:
Then customize your app server security spi implementation so that your subclass is returned

I have been hunting around to find out how you would do this with WebSphere but I'm not having much luck. If it's not too much to ask, can you possibly post a URL that explains how you would go about doing this in WebSphere?

Thanks,
Owen.
 