This week's giveaway is in the JDBC forum.
We're giving away four copies of Java Database Connections & Transactions (e-book only) and have Marco Behler on-line!
See this thread for details.
Win a copy of Java Database Connections & Transactions (e-book only) this week in the JDBC forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Devaka Cooray
  • Knute Snortum
  • Paul Clapham
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Bear Bibeault
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Ron McLeod
  • Piet Souris
  • Frits Walraven
Bartenders:
  • Ganesh Patekar
  • Tim Holloway
  • salvin francis

implements LoginAuthenticator  RSS feed

 
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hey, when using a custom LoginAuthenticator, how does user registration work??

I see you can still register, but how does my database get updated when a user registers??

Cheers,
Derek Knapp
[originally posted on jforum.net by kingsob]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Look at the LDAPAuthenticator source for an example of how this works. The validateLogin method calls the SSOUtils class to create jForum user's that don't exist.


[originally posted on jforum.net by monroe]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
right, but when someone signs up for an account using the website, how does the LDAP's database get updated?

whats happening to me is if the user is in my LDAP database, they can login perfectly and when someone signs up for the forums it works fine until they logout.. but when they try to login again, it tries to find them in my LDAP database, which clearly isn't going to work since when they signed up using the forums, their user/pass was never added to my LDAP server..


Derek
[originally posted on jforum.net by kingsob]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Creating users and authenticating user are two separate things. The SSO examples all assume you are replacing the authentication source with you're own authentication source that has it's own user creation methods.

The "create a user" part of the SSO code is just to allow jForum's code to easily map SSO authenticated users into jForum user objects.

There are a couple of scenarios I can see you wanting from the details provided:

1) All user authentication info is in the LDAP server and people can "register" via jForum's registration system. E.g., jForum needs to know how to create a valid LDAP user object on your server.

To do this, you will have to look at creating your own UserDAO implimentation that can do this. At a minimum, look at adding LDAP user creation to the addNew and update methods.

2) Users are authenticated from two separate sources, your LDAP server or the jForum_user table. This might be the situation where you want employees to use the same id/password and external users to have a jforum only id/password.

To do this, you will need to combine the default LoginAuthenticator with the LDAP authenticator so that both authentication sources are checked. In this case, jForum's registration will create a normal jforum user and not add anything to your LDAP server.

One thing you will have to figure out how to handle is duplicate user names. E.g., I register externally as "kingsob" and a valid jforum user id is created. Later a new employee joins the company and gets a user id of "kingsob" in LDAP. However, they can't create a matching jforum user because the external users id already has that id.

A possible quick and dirty way to avoid this is to add a prefix to all LDAP users when they are created, e.g. ldap.kingsob. But this will display on the posts and other things.
[originally posted on jforum.net by monroe]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, monroe

I have a LDAP setup, and I still want the external people can access the Forum. If the LDAP authentication failed, it will go to jForum_user table to check. As you said, needs to combine LoginAuthenticator with the LDAP authenticator, or DefaultLoginAuthenticator with LDAP authenticator?

Also, where I should make the change? Inside SystemGlobals.properties.

Thanks,
Jerry
[originally posted on jforum.net by wangld88]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
monroe, thanks!! that answered my question, im tyring to do #1, ill post my solution once im finished.

wangld88, my guess would be in your LDAPAuthenticator, if the user isn't found, then you would simply need to call the DefaultLoginAuthenticator.

Cheers,
Derek Knapp
[originally posted on jforum.net by kingsob]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
oh, btw, i tried to edit my post above to fix my horrible typo's, and got the following error, just fingured i'd let you know




An error has occurred.

For detailed error information, please see the HTML source code, and contact the forum Administrator.

Expression canRemove is undefined on line 12, column 6 in default/post_show.htm.


Forum Index

[originally posted on jforum.net by kingsob]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks, kingsob. I have figured out the way and did implement a new class by myself which include the fallback logic by combining LDAP and Default authenticator, and deployed it. Now, it's working fine.

Cheers,
Jerry
[originally posted on jforum.net by wangld88]
 
This. Exactly this. This is what my therapist has been talking about. And now with a tiny ad:
how do I do my own kindle-like thing - without amazon
https://coderanch.com/t/711421/engineering/kindle-amazon
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!