Scott,
Thanks for your response.
The first link you provided answered most of my question. Also, its great to
know I need not write any code. I have 2 questions though- Originally, I wrote
an authentication handler class and placed it under /localPlugins/src and then
modified deployerConfigContext.xml to refer to my auth handler class. That
class gets called (authenticate() method actually) when the user attempts to
login. I am trying to tie this along with using LDAP to authenticate. So,
basically, I need to configure CAS to use its ldap adaptors and authenticate
and then return control to my auth handler class (authenticate() method) for
further processing. Is there a way to do that? If there is, once control
returns to my auth handler, how do I figure out whether authentication using
LDAP succeeded or not?
Thanks.
Ray.
----- Original Message ----
From: Scott Battaglia <[EMAIL PROTECTED]>
To: Yale CAS mailing list <[email protected]>
Sent: Sunday, January 28, 2007 11:24:16 AM
Subject: Re: How to use LDAP adaptor classes?
Ray,
You shouldn't need to write any code as long as the current Ldap*Handlers are
sufficient to meet your needs. And you shouldn't need any code to get your
username/password to the handler. CAS utilizes the Spring Web module which
provides "binding" capabilities. Basically, you supply a domain class (in our
case a UsernamePasswordCredentials) and Spring Web automatically matches
Request parameters to properties on your domain class. So a parameter of
username will be set on the UsernamePasswordCredentials as there is a matching
username property.
-Scott
On 1/26/07, t ray <[EMAIL PROTECTED]> wrote:
Thanks Scott. That was useful.
I have a question- It appears from all the documentation that I don't really
need to write any code at all, just configuration changes in
deployerConfigContext.xml are sufficient to get the FastBind adaptor to do the
basic authentication against an LDAP server. Is my understanding correct?
Related to that, how is the user name and password that the user entered get
passed on to the FastBind adaptor in order for authentication to occur? Do I
need some code to make that happen? I see a username and password under
ContextSource. But that appears to be of the entity thats allowed to query the
ldap server. Basically, I am wondering how to pass the username/password that
the user typed in to the LDAP server for authentication using FastBind class.
Thanks,
Ray.
PS: I really hope this doesn't turn out to be another thread. I hit reply to
the emails I receive and despite that a new thread is created for all my
response.
----- Original Message ----
From: Scott Battaglia < [EMAIL PROTECTED]>
To: Yale CAS mailing list <[email protected]>
Sent: Friday, January 26, 2007 6:36:28 AM
Subject: Re: How to use LDAP adaptor classes?
These resources may help you:
http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html
http://developer.ja-sig.org/projects/cas/multiproject/cas-server-ldap/apidocs/index.html
http://developer.ja-sig.org/test/cas.html#ldap
Note that they are slightly out of date as they refer to the LdapTemplate
project instead of the Spring LDAP project (we're working on updating this).
The Spring LDAP Javadocs can be found here:
http://www.springframework.org/ldap
-Scott
On 1/26/07, t ray < [EMAIL PROTECTED] > wrote:
Digging a bit more, I found this-
http://developer.ja-sig.org/source/viewrep/jasig/cas3/adaptors/ldap/src/main/resources/deployerConfigContext.xml?r=1.1
It is a deployerConfigContext.xml file that uses BindLdapAuthenticationHandler.
Can someone tell me if using FastBindLdapAuthenticationHandler is similar,
meaning, can I just replace BindLdapAuthenticationHandler with
FastBindLdapAuthenticationHandler? Also, can someone point me to some
description of the various properties that are allowed? Most of them in the
link above seem straight forward. I am not sure about "authenticatedReadOnly"
(what does it mean?) and those under baseEnvironmentProperties. Specifically,
where the protocol is marked "ssl", does it mean that ssl is being used to
communicate with Active Directory or is the password still being sent in clear
text?
For those wishing to use AD purely for authentication purposes and not for some
reason interested in the fastbind adaptor, you may also find the following
interesting-
http://forum.java.sun.com/thread.jspa?threadID=726601&tstart=0
Thanks,
Ray.
----- Original Message ----
From: t ray < [EMAIL PROTECTED]>
To: CAS Mailing List < [email protected]>
Sent: Thursday, January 25, 2007 4:32:32 PM
Subject: How to use LDAP adaptor classes?
I wish to authenticate by querying an Active Directory server. I have modified
deployerConfigContext.xml and have replaced the SimpleTest authenticator with
my own. However, I am not sure how to use the LDAP adaptor classes that seem to
be provided in the adaptors/ldap directory. I assume these classes help in
connecting to a LDAP server and querying it. Could someone point me to some
references/resources that describe how to use these adaptor classes/how to
connect to a LDAP server?
Thanks.
Ray.
Bored stiff? Loosen up...
Download and play hundreds of games for free on Yahoo! Games.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
Get your own web address.
Have a HUGE year through Yahoo! Small Business.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
It's here! Your new message!
Get new email alerts with the free Yahoo! Toolbar.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
____________________________________________________________________________________
Yahoo! Music Unlimited
Access over 1 million songs.
http://music.yahoo.com/unlimited
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
