You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Thomas Maier <th...@zid-f.bfinv.de> on 2005/06/14 18:48:28 UTC
ldap authentication
I don't get along with the LDAP transformer.
I want the ldap-transformer to work with the authentication framework.
My sitemap.xmp is:
snip
<map:match pattern="authenticate">
<map:generate src="ldap.xml"/>
<map:transform type="ldap">
<map:parameter name="rootdn" value="{request-param:name}"/>
<map:parameter name="password" value="{request-param:pass}"/>
</map:transform>
<map:serialize type="xml"/>
</map:match>
snap
My ldap.xml is like:
<?xml version="1.0" encoding="ISO-8859-1"?>
<authentication xmlns:ldap="http://apache.org/cocoon/LDAP/1.0">
<ldap:execute-query>
<ldap:initializer>com.sun.jndi.ldap.LdapCtxFactory</ldap:initializer>
<!-- enter your own ldap server -->
<ldap:serverurl>ldap://my_ldap_url</ldap:serverurl>
<ldap:authentification>simple</ldap:authentification>
<ldap:version>3</ldap:version>
<ldap:port>389</ldap:port>
<ldap:scope>SUBTREE_SCOPE</ldap:scope>
<!-- enter your own searchbase & filter -->
<ldap:searchbase>DC=mydomain,DC=de</ldap:searchbase>
<ldap:deref-link>TRUE</ldap:deref-link>
<ldap:debug>TREUE</ldap:debug>
<ldap:count-limit>0</ldap:count-limit>
<ldap:time-limit>0</ldap:time-limit>
<ldap:show-attribute>TRUE</ldap:show-attribute>
<ldap:doc-element>ID</ldap:doc-element>
<ldap:row-element>user</ldap:row-element>
<ldap:error-element>ELEMENT</ldap:error-element>
<ldap:attribute>mail</ldap:attribute>
<ldap:attribute>givenname</ldap:attribute>
<ldap:attribute>rzfMayUse</ldap:attribute>
<ldap:attribute>roomNumber</ldap:attribute>
</ldap:execute-query>
</authentication>
First: I cannot read any attribute out of the sax-stream the
ldaptransformer produces.
Second: I want to expand a simple loginname to a full rootdn (like:
uid=<loginname>ou=mitarbeiter,ou=intern,dc=mydomain,dc=de) where can I
do this? I tried something like <map:parameter name="rootdn"
value="uid={request-param:name},ou=extern,ou=personen,dc=mydomain,dc=de"
/> in the sitemap but it didn't work. Any suggestions?
Best Regards
Thomas