I just checked svn, and for all versions (1.0.1, 1.0.2, 1.5.0, and 1.5.1) of ServerContext.java has only two overloads:
public Object lookup( String name ) public Object lookup( Name name ) The first version just converts the name to an LdapDN and calls the second. Any other way around this? Steve On Dec 14, 2007 4:56 PM, Alex Karasulu <[EMAIL PROTECTED]> wrote: > Basically the nexus proxy makes calls to the nexus after these calls are > intercepted by each interceptor in the InterceptorChain. Hence why we call > it the NexusProxy. You stumbled on a particular problem: you're not > authenticated yet obviously, but you're trying to go through the chain again > and are encountering the authentication interceptor. You're lucky you got > this exception otherwise you would have infinite recursion followed by as > nasty OoME. > > I don't remember clearly but this version of the server might have bypass > instructions for the proxy. See if there is a method overload for lookup > that takes a String[] in addition to the bindDn. If you put the FQCN of an > interceptor into this String array (the second argument) you will bypass > that interceptor. So you probably want to bypass a few of them. > > Alex > > > On Dec 14, 2007 5:21 PM, Steven Brendtro <[EMAIL PROTECTED]> > wrote: > > > Thanks for the suggestion. It got me a bit farther, but I hit another > > wall. > > > > In my authenticator's implementation of authenticate(), I can't call > > ServerContext.getNexusProxy() as it is protected. I did try: > > > > PartitionNexus nexusProxy = (PartitionNexus) > > serverContext.lookup( bindDn ); > > Attributes attributeList = nexusProxy.lookup( bindDn ); > > > > But got a nasty exception: > > org.apache.directory.server.core.interceptor.InterceptorException: > > Unexpected exception. [Root exception is java.lang.IllegalStateException: > > Attempted operation by unauthenticated caller.] > > > > In the middle of the stack trace was an an error pointing at the first > > line of these two. I assume it has something to do with how I am casting > > the Object returned from the ServerContext.lookup call. Any ideas on > > the right way to do this? > > > > Thanks, > > Steve > > > > > > On Dec 14, 2007 12:10 PM, Alex Karasulu <[EMAIL PROTECTED]> wrote: > > > > > For 1.0 your best option is to grab a handle to the nexus on > > > initialization of your authenticator. Use the nexus to lookup the > > > attributes of the user (the entry for the principalDn). Then you can > > > perform what logic you need to interogate the attributes of the user. > > > > > > HTH, > > > Alex > > > On Dec 14, 2007 10:18 AM, Steven Brendtro <[EMAIL PROTECTED]> > > > wrote: > > > > > > > Oh, I forgot to mention... this is for 1.0.x (specifically 1.0.1). > > > > > > > > Thanks > > > > > > > > > > > > On Dec 14, 2007 8:59 AM, Steven Brendtro <[EMAIL PROTECTED] > > > > > wrote: > > > > > > > > > I am coding a custom Authenticator Interface for doing some extra > > > > > checking before authenticating the DN. Basically before I > > > > > authenticate, I > > > > > want to check that the user (not sure what else to call it) has > > > > > certain > > > > > attributes set to specific values. I've been looking through the API > > > > > for > > > > > the past few days and don't understand how to accomplish this. If > > > > > possible, > > > > > I want to get a set of Attributes back to iterate through. > > > > > > > > > > Any suggestions would be most helpful. > > > > > > > > > > Thanks in advance. > > > > > > > > > > > > > > > > > > >
