You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@turbine.apache.org by David Rideau <da...@grenet.fr> on 2002/04/17 17:22:49 UTC
LDAP authentication - LDAPUserManager.java
Hi everybody,
I'm french, so excuse me for my poor english :-)
I'm trying to run jetspeed and authenticate users with an LDAP server
and I encountered some little problems.
I'm running under linux redhat 7.2
I have downloaded latest versions of :
- jetspeed sources (2002-04-15)
- turbine sources (2002-04-15). (Note : I have added the
stratum-1.0-b1.jar file which is not included but necessary to compile
turbine, and referenced it in the build.properties.sample file from turbine)
Here is an extract of my TurbineRessources.properties paramaters for ldap :
# -------------------------------------------------------------------
# S E C U R I T Y S E R V I C E
# -------------------------------------------------------------------
services.SecurityService.user.manager=org.apache.turbine.services.security.ldap.LDAPUserManager
services.SecurityService.secure.passwords=false
services.SecurityService.secure.passwords.algorithm=SHA
#services.SecurityService.ldap.security.athentication=simple
ldap.security.athentication=simple
# -------------------------------------------------------------------
When I define all parameters with the "services.Security" prefix,
parameters are not found and it results in a HORRIBLE Exception ...
I looked in the
org.apache.turbine.services.security.ldap.LDAPUserManager.java source
code to understand what happens.
I have made some changes in the bind() function and in the
retrieve(user) function and it seems to work...(If I can send changes
and remarks about the code to somebody, please tell me).
I can find a user in my LDAP server but I can't authenticate him.
I don't understand why the authenticate(user, password) function try to
bind to the LDAP server with user's informations.
Why the user's password isn't verified once user record has been found ?
How should you know what is the password fieldname in the LDAP record ?
Perhaps my questions are not intended to these mailing-list, so please
redirect me to the right people.
Thanks for help
David Rideau
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>