You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@directory.apache.org by Les Hazlewood <le...@katasoft.com> on 2010/08/13 23:40:21 UTC

SASL implementation

Hi all,

I have found myself needing to support a SASL-based authentication for my
own application protocol.  My assumption is that Apache Directory must
support this since it is required in the LDAP3 specification.  Does anyone
know of a starting point in the Directory codebase that I could look at as
an example and gleam ideas on how to support this in my own app?

Thanks for any pointers!

Best,

Les

Re: SASL implementation

Posted by Kiran Ayyagari <ka...@apache.org>.

On Mon, Aug 16, 2010 at 2:36 AM, Stefan Seelmann <se...@apache.org> wrote:
> Hi Les,
>
> On the server side (ApacheDS) take a look into the BindHandler[1]. If
> I'm not wrong, the javax.security.sasl implementations are used under
> the hood.
>
> On the client side (Studio) we just use JNDI to talk with the server,
> which also uses javax.security.sasl implementations.
>
> I'm not sure if SASL is supported in the new LDAP API. Anyone?
it was just added and is currently in a branch, this will be part of
the next 0.2 version of API
Take a look at the class[1] and the project[2]

[1] http://svn.apache.org/viewvc/directory/clients/ldap/branches/ldap-client-codec-merge/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java?revision=985686&view=markup&pathrev=985686

[2]http://svn.apache.org/repos/asf/directory/clients/ldap/branches/ldap-client-codec-merge/ldap-client-api/

P.S:- bot these are currently in a branch

Kiran Ayyagari

>
> Kind Regards,
> Stefan
>
>
> [1] https://svn.apache.org/repos/asf/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java
>
>
> On Fri, Aug 13, 2010 at 11:40 PM, Les Hazlewood <le...@katasoft.com> wrote:
>> Hi all,
>>
>> I have found myself needing to support a SASL-based authentication for my
>> own application protocol.  My assumption is that Apache Directory must
>> support this since it is required in the LDAP3 specification.  Does anyone
>> know of a starting point in the Directory codebase that I could look at as
>> an example and gleam ideas on how to support this in my own app?
>>
>> Thanks for any pointers!
>>
>> Best,
>>
>> Les
>>
>

Re: SASL implementation

Posted by Les Hazlewood <le...@katasoft.com>.

Awesome - thanks so much for the pointers guys.  I'll dig right in!

Cheers,

Les

On Sun, Aug 15, 2010 at 3:52 PM, Emmanuel Lecharny <el...@gmail.com>wrote:

>  On 8/15/10 11:06 PM, Stefan Seelmann wrote:
>
>> Hi Les,
>>
>> On the server side (ApacheDS) take a look into the BindHandler[1]. If
>> I'm not wrong, the javax.security.sasl implementations are used under
>> the hood.
>>
>> On the client side (Studio) we just use JNDI to talk with the server,
>> which also uses javax.security.sasl implementations.
>>
>> I'm not sure if SASL is supported in the new LDAP API. Anyone?
>>
> I just have modified the API to support SASL bind.
>
> However, be aware that it's just a matter of fillig the BindRequest
> structure correctly, it has nothing to do with dealing with SASL processing.
>
> The SASL related code ca be find here :
>
>
> http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/
>
> More specifically :
>
> http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/SaslFilter.java?revision=952084&view=markup
>
> Do not hesitate to ask if you have some question.
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>

Re: SASL implementation

Posted by Emmanuel Lecharny <el...@gmail.com>.

  On 8/15/10 11:06 PM, Stefan Seelmann wrote:
> Hi Les,
>
> On the server side (ApacheDS) take a look into the BindHandler[1]. If
> I'm not wrong, the javax.security.sasl implementations are used under
> the hood.
>
> On the client side (Studio) we just use JNDI to talk with the server,
> which also uses javax.security.sasl implementations.
>
> I'm not sure if SASL is supported in the new LDAP API. Anyone?
I just have modified the API to support SASL bind.

However, be aware that it's just a matter of fillig the BindRequest 
structure correctly, it has nothing to do with dealing with SASL processing.

The SASL related code ca be find here :

http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/

More specifically :
http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/SaslFilter.java?revision=952084&view=markup

Do not hesitate to ask if you have some question.

-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com

Re: SASL implementation

Posted by Stefan Seelmann <se...@apache.org>.

Hi Les,

On the server side (ApacheDS) take a look into the BindHandler[1]. If
I'm not wrong, the javax.security.sasl implementations are used under
the hood.

On the client side (Studio) we just use JNDI to talk with the server,
which also uses javax.security.sasl implementations.

I'm not sure if SASL is supported in the new LDAP API. Anyone?

Kind Regards,
Stefan

[1] https://svn.apache.org/repos/asf/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java

On Fri, Aug 13, 2010 at 11:40 PM, Les Hazlewood <le...@katasoft.com> wrote:
> Hi all,
>
> I have found myself needing to support a SASL-based authentication for my
> own application protocol.  My assumption is that Apache Directory must
> support this since it is required in the LDAP3 specification.  Does anyone
> know of a starting point in the Directory codebase that I could look at as
> an example and gleam ideas on how to support this in my own app?
>
> Thanks for any pointers!
>
> Best,
>
> Les
>