• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Getting current LDAP server name from App server (J2EE Container)

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

How can you get the name of the LDAP server that the app server is using for security from within an EJB?

The reason I ask is so that I can do a lookup to get the an attribute (their email address) from the LDAP server for this user.

Thanks,
Owen.
 
author
Posts: 184
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can always pass values using env-entries. That is one quick and dirty and solution.

Your app server creates a subclass of Principal (This is the object returned when you call getCallerPrincipal on EJB Context). You need to further subclas this and add the email as a instance variable. Then customize your app server security spi implementation so that your subclass is returned.


For instance in WebLogic, it is called SSPI (Basically a bunch of classes for authN, authZ or identity assertion (if using perimeter authentication) etc...
For websphere it is User Registry or Trust Association Interceptor (TAI) (if using perimeter authentication)
For Tomcat it is the Realm classes (I think.. cannot recall the exact name in Tomcat)
 
owen moony
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for the reply Srikanth.

It's funny that you mention env entries - that's what we currently do and an Ant script changes this for each server that is deplyoed to. If we could remove this - by getting the LDAP server name from the app server - then we could almost (with a bit more tweeking) use the same ear for each server and not have to build\modify the ear for each server.

I am interested in this...

Originally posted by Srikanth Shenoy:
Then customize your app server security spi implementation so that your subclass is returned


I have been hunting around to find out how you would do this with WebSphere but I'm not having much luck. If it's not too much to ask, can you possibly post a URL that explains how you would go about doing this in WebSphere?

Thanks,
Owen.
 
Self destruct mode activated. Instructions for deactivation encoded in this tiny ad.
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic