Wrong class; try on NexusProxy. Alex
On Dec 14, 2007 6:22 PM, Steven Brendtro <[EMAIL PROTECTED]> wrote: > I just checked svn, and for all versions (1.0.1, 1.0.2, 1.5.0, and 1.5.1) > of ServerContext.java has only two overloads: > > public Object lookup( String name ) > public Object lookup( Name name ) > > The first version just converts the name to an LdapDN and calls the > second. > > Any other way around this? > > Steve > > > On Dec 14, 2007 4:56 PM, Alex Karasulu <[EMAIL PROTECTED]> wrote: > > > Basically the nexus proxy makes calls to the nexus after these calls are > > intercepted by each interceptor in the InterceptorChain. Hence why we call > > it the NexusProxy. You stumbled on a particular problem: you're not > > authenticated yet obviously, but you're trying to go through the chain again > > and are encountering the authentication interceptor. You're lucky you got > > this exception otherwise you would have infinite recursion followed by as > > nasty OoME. > > > > I don't remember clearly but this version of the server might have > > bypass instructions for the proxy. See if there is a method overload for > > lookup that takes a String[] in addition to the bindDn. If you put the FQCN > > of an interceptor into this String array (the second argument) you will > > bypass that interceptor. So you probably want to bypass a few of them. > > > > Alex > > > > > > On Dec 14, 2007 5:21 PM, Steven Brendtro <[EMAIL PROTECTED] > > > wrote: > > > > > Thanks for the suggestion. It got me a bit farther, but I hit another > > > wall. > > > > > > In my authenticator's implementation of authenticate(), I can't call > > > ServerContext.getNexusProxy() as it is protected. I did try: > > > > > > PartitionNexus nexusProxy = (PartitionNexus) > > > serverContext.lookup( bindDn ); > > > Attributes attributeList = nexusProxy.lookup( bindDn > > > ); > > > > > > But got a nasty exception: > > > org.apache.directory.server.core.interceptor.InterceptorException: > > > Unexpected exception. [Root exception is > > > java.lang.IllegalStateException: Attempted operation by > > > unauthenticated caller.] > > > > > > In the middle of the stack trace was an an error pointing at the first > > > line of these two. I assume it has something to do with how I am casting > > > the Object returned from the ServerContext.lookup call. Any ideas on > > > the right way to do this? > > > > > > Thanks, > > > Steve > > > > > > > > > On Dec 14, 2007 12:10 PM, Alex Karasulu <[EMAIL PROTECTED]> wrote: > > > > > > > For 1.0 your best option is to grab a handle to the nexus on > > > > initialization of your authenticator. Use the nexus to lookup the > > > > attributes of the user (the entry for the principalDn). Then you can > > > > perform what logic you need to interogate the attributes of the user. > > > > > > > > HTH, > > > > Alex > > > > On Dec 14, 2007 10:18 AM, Steven Brendtro <[EMAIL PROTECTED]> > > > > wrote: > > > > > > > > > Oh, I forgot to mention... this is for 1.0.x (specifically 1.0.1). > > > > > > > > > > Thanks > > > > > > > > > > > > > > > On Dec 14, 2007 8:59 AM, Steven Brendtro <[EMAIL PROTECTED] > > > > > > wrote: > > > > > > > > > > > I am coding a custom Authenticator Interface for doing some > > > > > > extra checking before authenticating the DN. Basically before I > > > > > > authenticate, I want to check that the user (not sure what else to > > > > > > call it) > > > > > > has certain attributes set to specific values. I've been looking > > > > > > through > > > > > > the API for the past few days and don't understand how to > > > > > > accomplish this. > > > > > > If possible, I want to get a set of Attributes back to iterate > > > > > > through. > > > > > > > > > > > > Any suggestions would be most helpful. > > > > > > > > > > > > Thanks in advance. > > > > > > > > > > > > > > > > > > > > > > > > > >
