Answering my own question... Gonna play around with JLDAP. Terry Ryan wrote a CFC wrapper to Dave Ross' original implementation. Looks sweet.
http://www.numtopia.com/terry/programming/code_java_ldap.cfm >Hi All: > >I'm in the middle of a contract that's making pretty extensive use out of >CFLDAP (which I've maybe used twice prior to this job). One task is to >write a method that gets users by group. Problem is, some of the group >members are groups themselves. > >The request came in to recurse over the results and check each one to see if >it's a person or a group, and if a group, re-run the method to get the users >in that group. > >On Friday I refactored the method to do this, and effectively launched a >denial of service attack on the server. In running the method, I returned >10 results... 5 of which were people, 5 of which were groups. Recursing to >get the members of the 5 groups returned resulted in a bind request to the >server every .02 seconds until the server, in technical parlance, shat the >bed. > >I noticed a "rebind" attribute of the cfldap tag, but I'm not sure that >gives me what I'm looking for. What I'm hoping for is something along the >lines of: > >1) make request to server/authenticate >2) run query >3) run query >4) (keep doing this until we've drilled down far enough to return only >people) >5) disconnect from server > >"Rebind", as I understand it from the docs, will tell a single <cfldap> call >to use the existing credentials (versus trying to connect anonymously) if >the request hops from server to server. > >I'm a bit out of my comfort zone here, not being familiar with the cfldap >tag or AD in general... is there any way of doing what I outlined above? >It's been made pretty clear to me that all involved parties would prefer >that I not crash the server anymore. > >Thanks :) >Charlie > >-- >Charlie Griefer >http://charlie.griefer.com/ > >I have failed as much as I have succeeded. But I love my life. I love my >wife. And I wish you my kind of success. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:328431 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
