Hi Enrique, another solution would be to add a flag to the OperationContext which is passed through the interceptors, to tell if the request is internal or not.
Those contexts have been created for such purposes. You have a context for each operation (SearchOperationContext, LookupOperationContext ... in core ( org.apache.directory.server.core.interceptor.context ) ). Even adding the flag to the inherited class ( AbstractOperationContext ) and adding a method in the interface -OperationContext - could help ( isInternal() ) Hope it helps. Emmanuel On 5/30/07, Enrique Rodriguez <[EMAIL PROTECTED]> wrote:
On 5/24/07, Enrique Rodriguez <[EMAIL PROTECTED]> wrote: > Hi, Directory developers, > ... > Is there any way to tell already if a lookup is internal vs. external? > Is the InternalAuthenticator a viable option? The implementation > would be trivial (I just did the StrongAuthenticator). I am at a point this week where I need a solution to determining whether a search or lookup is coming from internal vs. external to the server. In my working copy I modified SimpleAuthenticator to support subclassing. I now have an InternalAuthenticator, where the authenticatorType is "internal" and the resulting LdapPrincipals are of type AuthenticationLevel.INTERNAL and this works fine for me. I subclassed SimpleAuthenticator so I could re-use the username/password support so internal authentication would not be totally wide-open. I am still binding with the admin DN. I need to code more on my use case, but if this works for me then I would want to commit this and eventually update all the protocol-providers to use "internal" authentication. Does this make sense? Enrique
-- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
