Sorry will respond to this thread in a little bit. Processing backlog now.
On 5/30/07, Emmanuel Lecharny <[EMAIL PROTECTED]> wrote:
Hi Enrique, another solution would be to add a flag to the OperationContext which is passed through the interceptors, to tell if the request is internal or not. Those contexts have been created for such purposes. You have a context for each operation (SearchOperationContext, LookupOperationContext ... in core ( org.apache.directory.server.core.interceptor.context ) ). Even adding the flag to the inherited class ( AbstractOperationContext ) and adding a method in the interface -OperationContext - could help ( isInternal() ) Hope it helps. Emmanuel On 5/30/07, Enrique Rodriguez <[EMAIL PROTECTED]> wrote: > On 5/24/07, Enrique Rodriguez <[EMAIL PROTECTED]> wrote: > > Hi, Directory developers, > > ... > > Is there any way to tell already if a lookup is internal vs. external? > > Is the InternalAuthenticator a viable option? The implementation > > would be trivial (I just did the StrongAuthenticator). > > I am at a point this week where I need a solution to determining > whether a search or lookup is coming from internal vs. external to the > server. In my working copy I modified SimpleAuthenticator to support > subclassing. I now have an InternalAuthenticator, where the > authenticatorType is "internal" and the resulting LdapPrincipals are > of type AuthenticationLevel.INTERNAL and this works fine for me. I > subclassed SimpleAuthenticator so I could re-use the username/password > support so internal authentication would not be totally wide-open. I > am still binding with the admin DN. > > I need to code more on my use case, but if this works for me then I > would want to commit this and eventually update all the > protocol-providers to use "internal" authentication. > > Does this make sense? > > Enrique > -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
