Hi Ceren, in the code you pasted at the end of you rmail, you are using the administrator to connect to the server. Even if this is perfectly legal, I would not recommand to allow users to do so, as they will gain full control over the server, and then delete some vital information.
The best solution would be to create a place in the DIT where you store the users, with their password, and ask them to authenticate with those informations. I will recommend you read the following page : http://directory.apache.org/apacheds/1.0/31-authentication-options.html where this authentication is described. I hope this is enough for your need, otherwise, please feel free to post a new mail for more accurate informations. Thanks for using Apache Directory Server ! Emmanuel On 5/22/07, Ceren KOKSAL <[EMAIL PROTECTED]> wrote:
---------- Forwarded message ---------- From: Ceren KOKSAL <[EMAIL PROTECTED]> Date: May 22, 2007 1:05 AM Subject: Using Apache ds in a web application - user names, passwords To: [email protected] Hi I m using Apache ds 1.5 and trying to develop a web application.I imported a uddi schema to Apache ds, I created this schema, based on rfc 4403. My problem about the application is that, users will log on the apache ds by a web application using a web browser.Then they will add and search web services definitions, it will work as a web services registry.In java code, while connecting to the server, I'm using below code sample.Userswill have user names and passwords.How they will connect to the apache ds, using their own user names and passwords? Will it be like that, I'll connect to apache ds using the sample code below.And then I'll take the user's password and user name , I'll check if they are right or not.If right, I'll give permission to make operations on directory.If not, I will not .Or will the users connect to the directory server with their own user names and passwords without using the below code and the below security options?I hope my question is clear:) Thanks a lot.. env.put(Context. *INITIAL_CONTEXT_FACTORY*, "com.sun.jndi.ldap.LdapCtxFactory" ); env.put(Context. *PROVIDER_URL*, "ldap://localhost:10389/ou=system"; ); env.put(Context. *SECURITY_AUTHENTICATION*, "simple"); env.put(Context. *SECURITY_PRINCIPAL*, "uid=admin,ou=system"); env.put(Context. *SECURITY_CREDENTIALS*, "secret");
-- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
