Scott,
Could you please comment on this? I am just trying to decide if I can use the
ldap adaptors within CAS or if I should extend my custom authentication handler.
Thanks,
Ray
----- Original Message ----
From: t ray <[EMAIL PROTECTED]>
To: Yale CAS mailing list <[email protected]>
Sent: Monday, January 29, 2007 10:29:09 PM
Subject: Re: How to use LDAP adaptor classes?
Actually, I realize now, I need the custom Authentication handler to be called
both before and after CAS authenticates through LDAP. Before, because I need to
determine (depending on certain other settings in the app) whether I really
need to authenticate via LDAP (I may chose to authenticate against some other
source). After, because I need to set some state depending on whether
authentication was successful.
Thanks,
Ray.
----- Original Message ----
From: Scott Battaglia <[EMAIL PROTECTED]>
To: Yale CAS mailing list <[email protected]>
Sent: Monday, January 29, 2007 9:44:01 PM
Subject: Re: How to use LDAP adaptor classes?
Ray,
Why do you still need to call your custom Authentication Handler?
-Scott
On 1/29/07, t ray <[EMAIL PROTECTED] > wrote:
Scott,
Thanks for your response.
The first link you provided answered most of my question. Also, its great to
know I need not write any code. I have 2 questions though- Originally, I wrote
an authentication handler class and placed it under /localPlugins/src and then
modified deployerConfigContext.xml to refer to my auth handler class. That
class gets called (authenticate() method actually) when the user attempts to
login. I am trying to tie this along with using LDAP to authenticate. So,
basically, I need to configure CAS to use its ldap adaptors and authenticate
and then return control to my auth handler class (authenticate() method) for
further processing. Is there a way to do that? If there is, once control
returns to my auth handler, how do I figure out whether authentication using
LDAP succeeded or not?
Thanks.
Ray.
----- Original Message ----
From: Scott Battaglia < [EMAIL PROTECTED]>
To: Yale CAS mailing list <[email protected]>
Sent: Sunday, January 28, 2007 11:24:16 AM
Subject: Re: How to use LDAP adaptor classes?
Ray,
You shouldn't need to write any code as long as the current Ldap*Handlers are
sufficient to meet your needs. And you shouldn't need any code to get your
username/password to the handler. CAS utilizes the Spring Web module which
provides "binding" capabilities. Basically, you supply a domain class (in our
case a UsernamePasswordCredentials) and Spring Web automatically matches
Request parameters to properties on your domain class. So a parameter of
username will be set on the UsernamePasswordCredentials as there is a matching
username property.
-Scott
On 1/26/07, t ray <[EMAIL PROTECTED] > wrote:
Thanks Scott. That was useful.
I have a question- It appears from all the documentation that I don't really
need to write any code at all, just configuration changes in
deployerConfigContext.xml are sufficient to get the FastBind adaptor to do the
basic authentication against an LDAP server. Is my understanding correct?
Related to that, how is the user name and password that the user entered get
passed on to the FastBind adaptor in order for authentication to occur? Do I
need some code to make that happen? I see a username and password under
ContextSource. But that appears to be of the entity thats allowed to query the
ldap server. Basically, I am wondering how to pass the username/password that
the user typed in to the LDAP server for authentication using FastBind class.
Thanks,
Ray.
PS: I really hope this doesn't turn out to be another thread. I hit reply to
the emails I receive and despite that a new thread is created for all my
response.
----- Original Message ----
From: Scott Battaglia < [EMAIL PROTECTED]>
To: Yale CAS mailing list <[email protected]>
Sent: Friday, January 26, 2007 6:36:28 AM
Subject: Re: How to use LDAP adaptor classes?
These resources may help you:
http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html
http://developer.ja-sig.org/projects/cas/multiproject/cas-server-ldap/apidocs/index.html
http://developer.ja-sig.org/test/cas.html#ldap
Note that they are slightly out of date as they refer to the LdapTemplate
project instead of the Spring LDAP project (we're working on updating this).
The Spring LDAP Javadocs can be found here:
http://www.springframework.org/ldap
-Scott
On 1/26/07, t ray < [EMAIL PROTECTED] > wrote:
Digging a bit more, I found this-
http://developer.ja-sig.org/source/viewrep/jasig/cas3/adaptors/ldap/src/main/resources/deployerConfigContext.xml?r=1.1
It is a deployerConfigContext.xml file that uses BindLdapAuthenticationHandler.
Can someone tell me if using FastBindLdapAuthenticationHandler is similar,
meaning, can I just replace BindLdapAuthenticationHandler with
FastBindLdapAuthenticationHandler? Also, can someone point me to some
description of the various properties that are allowed? Most of them in the
link above seem straight forward. I am not sure about "authenticatedReadOnly"
(what does it mean?) and those under baseEnvironmentProperties. Specifically,
where the protocol is marked "ssl", does it mean that ssl is being used to
communicate with Active Directory or is the password still being sent in clear
text?
For those wishing to use AD purely for authentication purposes and not for some
reason interested in the fastbind adaptor, you may also find the following
interesting-
http://forum.java.sun.com/thread.jspa?threadID=726601&tstart=0
Thanks,
Ray.
----- Original Message ----
From: t ray < [EMAIL PROTECTED]>
To: CAS Mailing List < [email protected]>
Sent: Thursday, January 25, 2007 4:32:32 PM
Subject: How to use LDAP adaptor classes?
I wish to authenticate by querying an Active Directory server. I have modified
deployerConfigContext.xml and have replaced the SimpleTest authenticator with
my own. However, I am not sure how to use the LDAP adaptor classes that seem to
be provided in the adaptors/ldap directory. I assume these classes help in
connecting to a LDAP server and querying it. Could someone point me to some
references/resources that describe how to use these adaptor classes/how to
connect to a LDAP server?
Thanks.
Ray.
Bored stiff? Loosen up...
Download and play hundreds of games for free on Yahoo! Games.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
Get your own web address.
Have a HUGE year through Yahoo! Small Business.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
It's here! Your new message!
Get new email alerts with the free Yahoo! Toolbar.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
Have a burning question? Go to Yahoo! Answers and get answers from real people
who know.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
Check out the all-new Yahoo! Mail beta - Fire up a more powerful email and get
things done faster.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
____________________________________________________________________________________
Food fight? Enjoy some healthy debate
in the Yahoo! Answers Food & Drink Q&A.
http://answers.yahoo.com/dir/?link=list&sid=396545367
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
