This week's book giveaway is in the Agile and Other Processes forum.
We're giving away four copies of Real-World Software Development: A Project-Driven Guide to Fundamentals in Java and have Dr. Raoul-Gabriel Urma & Richard Warburton on-line!
See this thread for details.
Win a copy of Real-World Software Development: A Project-Driven Guide to Fundamentals in Java this week in the Agile and Other Processes forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Liutauras Vilda
  • Knute Snortum
  • Bear Bibeault
Sheriffs:
  • Devaka Cooray
  • Jeanne Boyarsky
  • Junilu Lacar
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
  • salvin francis
Bartenders:
  • Tim Holloway
  • Piet Souris
  • Frits Walraven

Getting current LDAP server name from App server (J2EE Container)

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

How can you get the name of the LDAP server that the app server is using for security from within an EJB?

The reason I ask is so that I can do a lookup to get the an attribute (their email address) from the LDAP server for this user.

Thanks,
Owen.
 
author
Posts: 184
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can always pass values using env-entries. That is one quick and dirty and solution.

Your app server creates a subclass of Principal (This is the object returned when you call getCallerPrincipal on EJB Context). You need to further subclas this and add the email as a instance variable. Then customize your app server security spi implementation so that your subclass is returned.


For instance in WebLogic, it is called SSPI (Basically a bunch of classes for authN, authZ or identity assertion (if using perimeter authentication) etc...
For websphere it is User Registry or Trust Association Interceptor (TAI) (if using perimeter authentication)
For Tomcat it is the Realm classes (I think.. cannot recall the exact name in Tomcat)
 
owen moony
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the reply Srikanth.

It's funny that you mention env entries - that's what we currently do and an Ant script changes this for each server that is deplyoed to. If we could remove this - by getting the LDAP server name from the app server - then we could almost (with a bit more tweeking) use the same ear for each server and not have to build\modify the ear for each server.

I am interested in this...

Originally posted by Srikanth Shenoy:
Then customize your app server security spi implementation so that your subclass is returned


I have been hunting around to find out how you would do this with WebSphere but I'm not having much luck. If it's not too much to ask, can you possibly post a URL that explains how you would go about doing this in WebSphere?

Thanks,
Owen.
 
It's a pleasure to see superheros taking such an interest in science. And this tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!