Posted to users@cocoon.apache.org by Thomas Maier <th...@zid-f.bfinv.de> on 2005/06/14 18:48:28 UTC

ldap authentication

I don't get along with the LDAP transformer.
I want the ldap-transformer to work with the authentication framework.
My sitemap.xmap is:

snip

<map:match pattern="authenticate">
  <map:generate src="ldap.xml"/>
  <map:transform type="ldap">
    <map:parameter name="rootdn" value="{request-param:name}"/>
    <map:parameter name="password" value="{request-param:pass}"/>
  </map:transform>
  <map:serialize type="xml"/>
</map:match>

snap

My ldap.xml is like:

<?xml version="1.0" encoding="ISO-8859-1"?>
<authentication xmlns:ldap="http://apache.org/cocoon/LDAP/1.0">
  <ldap:execute-query>
    <ldap:initializer>com.sun.jndi.ldap.LdapCtxFactory</ldap:initializer>
    <!-- enter your own ldap server -->
    <ldap:serverurl>ldap://my_ldap_url</ldap:serverurl>
    <ldap:authentification>simple</ldap:authentification>
    <ldap:version>3</ldap:version>
    <ldap:port>389</ldap:port>
    <ldap:scope>SUBTREE_SCOPE</ldap:scope>
    <!-- enter your own searchbase & filter -->
    <ldap:searchbase>DC=mydomain,DC=de</ldap:searchbase>
    <ldap:deref-link>TRUE</ldap:deref-link>
    <ldap:debug>TREUE</ldap:debug>
    <ldap:count-limit>0</ldap:count-limit>
    <ldap:time-limit>0</ldap:time-limit>
    <ldap:show-attribute>TRUE</ldap:show-attribute>
    <ldap:doc-element>ID</ldap:doc-element>
    <ldap:row-element>user</ldap:row-element>
    <ldap:error-element>ELEMENT</ldap:error-element>
    <ldap:attribute>mail</ldap:attribute>
    <ldap:attribute>givenname</ldap:attribute>
    <ldap:attribute>rzfMayUse</ldap:attribute>
    <ldap:attribute>roomNumber</ldap:attribute>
  </ldap:execute-query>
</authentication>

First: I cannot read any attribute out of the SAX stream the
LDAP transformer produces.
Second: I want to expand a simple login name to a full rootdn (like:
uid=<loginname>ou=mitarbeiter,ou=intern,dc=mydomain,dc=de). Where can I
do this? I tried something like <map:parameter name="rootdn"
value="uid={request-param:name},ou=extern,ou=personen,dc=mydomain,dc=de"/>
in the sitemap, but it didn't work. Any suggestions?

Best Regards
Thomas
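
Added example (not part of the original post, and not Cocoon's own code): a plain JNDI sketch of expanding a login name to a bind DN before a simple bind, using the same LdapCtxFactory as the configuration above. The class and method names are hypothetical, the suffix is assumed from the DN pattern in the post, and the inputs in main are constructed.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.Rdn;

public class LdapBindCheck {
    // Assumption: user entries live under the suffix shown in the post.
    static final String USER_SUFFIX = "ou=mitarbeiter,ou=intern,dc=mydomain,dc=de";

    /** Expands a login name to a bind DN, escaping DN metacharacters (RFC 4514). */
    static String bindDn(String login) {
        if (login == null || login.trim().isEmpty()) {
            throw new IllegalArgumentException("empty login name");
        }
        // Without escaping, a value such as "x,ou=extern" would add RDNs to the DN.
        return "uid=" + Rdn.escapeValue(login) + "," + USER_SUFFIX;
    }

    /** Returns true only if the server accepts a simple bind with a non-empty password. */
    static boolean authenticate(String url, String login, char[] password) {
        // A simple bind with an empty password is an unauthenticated bind
        // (RFC 4513, section 5.1.2) and may succeed, so reject it before binding.
        if (login == null || login.trim().isEmpty()
                || password == null || password.length == 0) {
            return false;
        }
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn(login));
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            DirContext ctx = new InitialDirContext(env);
            ctx.close();
            return true;
        } catch (NamingException e) {
            // Covers bad credentials and connection failures alike: fail closed.
            return false;
        }
    }

    public static void main(String[] args) {
        System.out.println(bindDn("tmaier"));          // constructed login name
        System.out.println(bindDn("x,ou=extern"));     // constructed hostile input
        System.out.println(authenticate("ldap://my_ldap_url", "tmaier", new char[0]));
    }
}
```

With ldap:// on port 389, as in the configuration above, the simple bind sends the password unencrypted, so the same check is normally run over ldaps:// or StartTLS.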