Re: [base] LDAP authentication (or possible alternatives)

Fri, 15 Aug 2008 07:33:17 -0700 

Hello,

> Hmmm... The POP3Authenticator is part of BASE, so if you have compiled
> it a second time you now have two classes with the same name, and that
> is usually not a good idea.
>
> Also, have you set the initialization string auth.init to a valid pop3
> mail server?

The POP3 Authenticator now works, after I've set the auth.init line to a 
correct POP3 server (I hadn't done that before because I didn't think it was 
important for testing).

> * It is considered bad practice to import anything with a * at the end.

I have removed all imports with * (and replaced them with specific imports)

> * Why do you have a 'void main()' method?

I had that for testing, because javac complained of a missing main() at one 
point, but I have now removed it.

> * If you are getting a NamingException this code only prints the error
> message and the returns indicating a successful login.
>
>          } catch (NamingException e) {
>              e.printStackTrace();
>          }
>       return new AuthenticationInformation(login, login);
>
> If the user/password is not correct you must throw either an
> UnknownLoginException or an InvalidPasswordException. For other problems
> you must throw an AuthenticationException.

I can try to add the Exceptions (actually I did try, but I was getting some 
errors), but shouldn't it work now, if the login and password are correct? 
Would the AuthenticationException give me a more informative error message? 
I've even tried hardcoding the login and password, instead of using 
the 'login' and 'password' variables. In my base.config I have this line:

auth.driver         = authentication.LDAPAuthenticator

and in the LDAPAuthenticator.java I have this line:

package authentication;

Is this correct? I think there is something wrong with this, because the code 
in the SimpleAuthenticator doesn't work if I change its package 
to 'authentication', and use the same line in base.config.

I'm attaching my latest LDAPAuthenticator.java, and the stack trace in my 
browser when I try to login.

Again, thank you for your time,
Paulo

>
> /Nicklas
>
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's
> challenge Build the coolest Linux based applications with Moblin SDK & win
> great prizes Grand prize is a trip for two to an Open Source event anywhere
> in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> The BASE general discussion mailing list
> basedb-users@lists.sourceforge.net
> unsubscribe: send a mail with subject "unsubscribe" to
> [EMAIL PROTECTED]

Version         BASE 2.7.2 (build #4369; schema #55)
Web server      Apache Tomcat/6.0.18
Database Server         MySQL 5.0.32-Debian_7etch5-log
Database Dialect        org.hibernate.dialect.MySQLInnoDBDialect
JDBC Driver     com.mysql.jdbc.Driver (version 5.1)
Java runtime    Java(TM) SE Runtime Environment (1.6.0_07-b06), Sun 
Microsystems Inc.
Operating system        Linux amd64 2.6.18-4-amd64
Memory  Total: 120.4 MB
Free: 81.6 MB
Max: 444.5 MB
Browser         Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.15) 
Gecko/20080612 Iceweasel/2.0.0.15 (Debian-2.0.0.15-0etch1)
Error message   The authentication driver 'authentication.LDAPAuthenticator' 
could not be loaded. The error message is: authentication.LDAPAuthenticator
Stack trace     

BaseException
...at Application.getAuthenticator(Application.java:630)
...at SessionControl.verifyUserExternal(SessionControl.java:481)
...at SessionControl.login(SessionControl.java:404)
...at org.apache.jsp.login_jsp._jspService(login_jsp.java:82)
...at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
...at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
...at 
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374)
...at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342)

...at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267)
...at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
...at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
...at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
...at 
net.sf.basedb.clients.web.servlet.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:72)
...at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
...at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
...at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
...at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
...at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
...at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
...at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
...at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
...at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
...at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
...at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
...at java.lang.Thread.run(Thread.java:619)

/*
	$Id$

	Copyright (C) 2005 Samuel Andersson, Nicklas Nordborg
	Copyright (C) 2006 Jari Hakkinen

	This file is part of BASE - BioArray Software Environment.
	Available at http://base.thep.lu.se/

	BASE is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.

	BASE is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 59 Temple Place - Suite 330,
	Boston, MA  02111-1307, USA.
*/
package authentication;

import net.sf.basedb.core.authentication.AuthenticationInformation;
import net.sf.basedb.core.authentication.Authenticator;
import net.sf.basedb.core.authentication.UnknownLoginException;
import net.sf.basedb.core.authentication.InvalidPasswordException;
import net.sf.basedb.core.authentication.AuthenticationException;


import javax.naming.NamingException;
import javax.naming.Context;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import java.util.Hashtable;

/**
	This class is an example implementation of the [EMAIL PROTECTED] Authenticator}
	interface that authenticates everyone as long as the login is the same
	as the password. This class should of course never be used in a real
	environment.

	@author Nicklas
	@version 2.0
	@base.modified $Date$
*/
public class LDAPAuthenticator
	implements Authenticator
{
	/**
		Create a new <code>SimpleAuthenticator</code> object.
	*/
	public LDAPAuthenticator()
	{
		super();
	}

	/**
		There is nothing to initialise.
	*/
	public void init(String settings)
		throws AuthenticationException
	{}

	/**
		Always return FALSE.
	*/
	public boolean supportsExtraInformation()
	{
		return false;
	}

	/**
		If login and password are equal the user is authenticated, otherwise an
		[EMAIL PROTECTED] InvalidPasswordException} is thrown.
	*/
	public AuthenticationInformation authenticate(String login, String password)
		throws UnknownLoginException, InvalidPasswordException, AuthenticationException
	/*{
		if (login == null || !login.equals(password))
		{
			throw new InvalidPasswordException(login, "Password must be equal to login");
		}
		return new AuthenticationInformation(login, login);
	}*/
	
	 {

	// Set up environment for creating initial context
        Hashtable env = new Hashtable(11);
        env.put(Context.INITIAL_CONTEXT_FACTORY,
            "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://ldap.igc.gulbenkian.pt:389/";);

        // Authenticate as S. User and password "mysecret"
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "uid=palmeida,cn=users,dc=igc,dc=gulbenkian,dc=pt");
        env.put(Context.SECURITY_CREDENTIALS, password);

        try {
            // Create initial context
            DirContext ctx = new InitialDirContext(env);
            // do something useful with ctx

            // Change to using no authentication


            // do something useful with ctx

            // Close the context when we're done
            ctx.close();
        } catch (NamingException e) {
            e.printStackTrace();
        }
	return new AuthenticationInformation(login, login);
	}

	
}

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
The BASE general discussion mailing list
basedb-users@lists.sourceforge.net
unsubscribe: send a mail with subject "unsubscribe" to
[EMAIL PROTECTED]

Reply via email to