You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Werner Rudolf <wr...@gmx.net> on 2005/07/23 13:50:32 UTC
Authentication in Cocoon against MS-AD
Hello,
I'd need to authenticate in Cocoon against MS Active Directory.
Are there any links/documents/WIKI entries w/ best practises available?
Can I just use the LDAP transformer for that?
Many thanks and best regards,
Werner
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Authentication in Cocoon against MS-AD
Posted by Werner <wr...@gmx.net>.
Hello Antonio,
many thanks for your answer! I'll try approach 2 first, this seems to be
OK for the project. The mail addresses are no DNs by definition, but
unique in our case.
Werner
Antonio Fiol Bonnín wrote:
> Yes, you can user the LDAP transformer.
>
> However, you may use two different approaches:
>
> Approach 1: Do you already know the DN of the user trying to log in?
> Yes: Use it as binding DN
> No: You will need to first bind with a known user, get the DN for the
> user trying to log-in, transform that again into a LDAP query, and
> reissue the query with the right DN.
>
> Approach 2: If you know the short name of the user (account
> name)@(domain name) in our case, you can use it as binding DN even if
> it is not a real DN. This is non-standard, and MS-AD specific, AFAIK,
> but it saves you some time.
>
> --
> Antonio
>
> 2005/7/23, Werner Rudolf <wrudolf@gmx.net <ma...@gmx.net>>:
>
> Hello,
> I'd need to authenticate in Cocoon against MS Active Directory.
> Are there any links/documents/WIKI entries w/ best practises
> available?
> Can I just use the LDAP transformer for that?
>
> Many thanks and best regards,
> Werner
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Authentication in Cocoon against MS-AD
Posted by Antonio Fiol Bonnín <an...@gmail.com>.
Yes, you can user the LDAP transformer.
However, you may use two different approaches:
Approach 1: Do you already know the DN of the user trying to log in?
Yes: Use it as binding DN
No: You will need to first bind with a known user, get the DN for the user
trying to log-in, transform that again into a LDAP query, and reissue the
query with the right DN.
Approach 2: If you know the short name of the user (account name)@(domain
name) in our case, you can use it as binding DN even if it is not a real DN.
This is non-standard, and MS-AD specific, AFAIK, but it saves you some time.
--
Antonio
2005/7/23, Werner Rudolf <wr...@gmx.net>:
>
> Hello,
> I'd need to authenticate in Cocoon against MS Active Directory.
> Are there any links/documents/WIKI entries w/ best practises available?
> Can I just use the LDAP transformer for that?
>
> Many thanks and best regards,
> Werner
>