You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@lenya.apache.org by Doug Chestnut <dh...@virginia.edu> on 2004/02/12 21:51:41 UTC
Re: user authenticator
Hi All,
Don't know if it is worth contributing, but it seems to be working out good
for my needs. My clients already use an NT domain to login to their
computers so I wanted them to be able to use their domain userid and
password. I used the jcifs jar to do the authentication and simply extended
the FileUser class. I was also able to use jcifs to authenticate against a
smb share.
For now I just create the user with lenya, then edit the
config/ac/passwd/id.iml file to use org.apache.lenya.ac.cifs.CIFSUser
instead of org.apache.lenya.ac.file.FileUser. I would love to have the
option in lenya when I create the user though! It would also be cool to be
able to specify a server to authenticate against.
package org.apache.lenya.ac.cifs;
import java.io.File;
import org.apache.lenya.ac.file.*;
import org.apache.lenya.ac.AccessControlException;
import org.apache.lenya.ac.Password;
import org.apache.log4j.Category;
import jcifs.smb.*;
import jcifs.UniAddress;
import java.net.UnknownHostException;
/**
*
* @author doug
*/
public class CIFSUser extends FileUser {
/**
* Creates a new CIFSUser object.
*/
public CIFSUser() {
}
/**
* Create a CIFSUser
*/
public CIFSUser(File configurationDirectory, String id, String fullName,
String email,
String password) {
super(configurationDirectory, id, fullName, email, password);
}
/**
* Authenticate a user. This is done by NTDomain Authentication
* using jcifs
*
* @param password to authenticate with
* @return true if the given password matches the password for this user
*/
public boolean authenticate(String password) {
//Don't want to log Domain passwords!!!!
//log.debug("Password: " + password);
//log.debug("pw encypted: " + Password.encrypt(password));
//log.debug("orig encrypted pw: " + this.encryptedPassword);
System.setProperty(
"jcifs.smb.client.disablePlainTextPasswords","false" );
try {
UniAddress mydomaincontroller = UniAddress.getByName(
"primarydomainserver.whatever" );
NtlmPasswordAuthentication mycreds = new
NtlmPasswordAuthentication( "WORKGROUP", super.getId(), password);
SmbSession.logon( mydomaincontroller, mycreds );
// SUCCESS
return true;
} catch( SmbAuthException sae ) {
// AUTHENTICATION FAILURE
return false;
} catch( SmbException se ) {
// NETWORK PROBLEMS?
//se.printStackTrace();
return false;
} catch( UnknownHostException unho) {
return false;
}
}
}
----- Original Message -----
From: "Michael Wechner" <mi...@wyona.com>
To: "Lenya Users List" <le...@cocoon.apache.org>
Sent: Tuesday, January 27, 2004 1:59 PM
Subject: Re: user authenticator
> Doug Chestnut wrote:
> > Hi all,
> > I would like to authenticate users against an NT Domain. The java looks
> > very easy with jCIFS. I assume that I need to implement a user
> > authenticator to do this.
>
> right, there is an API
>
> Is this the right track?
>
> It should be documented quite nicely within the Lenya documentation
>
> ant javadocs
> ant install
>
> 127.0.0.1:8080/lenya/docs-new/
>
> Is this something that
> > is already supported that I am unaware of?
>
>
> you mean NT Domain authentication? Not that I know
>
> >
> > I hate to give my clients another password to remember.
>
> yes, makes sense. Can you contribute the code?
>
> Michi
> >
> > Thanks,
> > --Doug
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
> > For additional commands, e-mail: lenya-user-help@cocoon.apache.org
> >
> >
>
>
> --
> Michael Wechner
> Wyona Inc. - Open Source Content Management - Apache Lenya
> http://www.wyona.com http://cocoon.apache.org/lenya/
> michael.wechner@wyona.com michi@apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: lenya-user-help@cocoon.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
For additional commands, e-mail: lenya-user-help@cocoon.apache.org
Re: user authenticator
Posted by Thorsten Scherler <th...@juntadeandalucia.es>.
Doug Chestnut wrote:
>Hi All,
>Don't know if it is worth contributing, but it seems to be working out good
>for my needs. My clients already use an NT domain to login to their
>computers so I wanted them to be able to use their domain userid and
>password. ...
>
>I would love to have the
>option in lenya when I create the user though! It would also be cool to be
>able to specify a server to authenticate against.
>
>
>
+1
Like heaps of company using LDAP. Would be really nice to choose which
auth. pub can have (Standard|SMB|LDAP|Custom) .
--
Thorsten Scherler
Tfno: 955 062 627
Email: thorsten.scherler.ext@juntadeandalucia.es
---------------------------------------------------------------------
To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
For additional commands, e-mail: lenya-user-help@cocoon.apache.org
Re: user authenticator
Posted by "Gregor J. Rothfuss" <gr...@apache.org>.
Steve Tekell wrote:
> interesting, the last time I dealt with NT authentication (in Java) I
> didn't know about jCIFS. The nice thing about J2EE container managed
> security is since my container had an LDAP authenticator already, we
> just used the LDAP interface to ActiveDirectory.
>
> I am just beginning to evaluate Lenya, am I correct to assume that Lenya
> doesn't (can't) use container managed security?
> At least for user authentication? (group/role is less important to me).
>
> I am getting pretty frustrated that so many Java web apps create yet
> another disparate security scheme. That would be ok, if it at least had
> the option to use the user authentication from the container.
i agree, this option should be provided. i have never tried it but you
may be able to combine it.
--
Gregor J. Rothfuss
Wyona Inc. - Open Source Content Management - Apache Lenya
http://wyona.com http://cocoon.apache.org/lenya
gregor.rothfuss@wyona.com gregor@apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
For additional commands, e-mail: lenya-user-help@cocoon.apache.org
Re: user authenticator
Posted by Steve Tekell <st...@unm.edu>.
interesting, the last time I dealt with NT authentication (in Java) I
didn't know about jCIFS. The nice thing about J2EE container managed
security is since my container had an LDAP authenticator already, we
just used the LDAP interface to ActiveDirectory.
I am just beginning to evaluate Lenya, am I correct to assume that Lenya
doesn't (can't) use container managed security?
At least for user authentication? (group/role is less important to me).
I am getting pretty frustrated that so many Java web apps create yet
another disparate security scheme. That would be ok, if it at least had
the option to use the user authentication from the container.
---------------------------------------------------------------------
To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
For additional commands, e-mail: lenya-user-help@cocoon.apache.org