Since ServerContext.getNexusProxy() is protected, I assume I need to create
a PartitionNexusProxy from scratch, correct? Something like this?
PartitionNexusProxy nexusProxy = new PartitionNexusProxy(
serverContext, serverContext.getService() );
String[] attrIds = new String[4];
attrIds[0] = "myAttribute1";
attrIds[1] = "myAttribute2";
attrIds[2] = "org.apache.directory.server.core.interceptor.???";
attrIds[3] = "org.apache.directory.server.core.interceptor.???";
Attributes myAttributes = nexusProxy.lookup( binDn, attrIds );
How do I know what interceptors will need to be listed? Sorry, I'm new to
the concept of interceptors, and only 1 week into the ApacheDS code.
Thanks again for your help.
Steve
On Dec 14, 2007 5:40 PM, Alex Karasulu <[EMAIL PROTECTED]> wrote:
> Wrong class; try on NexusProxy.
>
> Alex
>
>
> On Dec 14, 2007 6:22 PM, Steven Brendtro <[EMAIL PROTECTED]>
> wrote:
>
> > I just checked svn, and for all versions (1.0.1, 1.0.2, 1.5.0, and 1.5.1)
> > of ServerContext.java has only two overloads:
> >
> > public Object lookup( String name )
> > public Object lookup( Name name )
> >
> > The first version just converts the name to an LdapDN and calls the
> > second.
> >
> > Any other way around this?
> >
> > Steve
> >
> >
> > On Dec 14, 2007 4:56 PM, Alex Karasulu <[EMAIL PROTECTED]> wrote:
> >
> > > Basically the nexus proxy makes calls to the nexus after these calls
> > > are intercepted by each interceptor in the InterceptorChain. Hence why we
> > > call it the NexusProxy. You stumbled on a particular problem: you're not
> > > authenticated yet obviously, but you're trying to go through the chain
> > > again
> > > and are encountering the authentication interceptor. You're lucky you got
> > > this exception otherwise you would have infinite recursion followed by as
> > > nasty OoME.
> > >
> > > I don't remember clearly but this version of the server might have
> > > bypass instructions for the proxy. See if there is a method overload for
> > > lookup that takes a String[] in addition to the bindDn. If you put the
> > > FQCN
> > > of an interceptor into this String array (the second argument) you will
> > > bypass that interceptor. So you probably want to bypass a few of them.
> > >
> > > Alex
> > >
> > >
> > > On Dec 14, 2007 5:21 PM, Steven Brendtro <[EMAIL PROTECTED] >
> > > wrote:
> > >
> > > > Thanks for the suggestion. It got me a bit farther, but I hit
> > > > another wall.
> > > >
> > > > In my authenticator's implementation of authenticate(), I can't call
> > > > ServerContext.getNexusProxy() as it is protected. I did try:
> > > >
> > > > PartitionNexus nexusProxy = (PartitionNexus)
> > > > serverContext.lookup( bindDn );
> > > > Attributes attributeList = nexusProxy.lookup( bindDn
> > > > );
> > > >
> > > > But got a nasty exception:
> > > > org.apache.directory.server.core.interceptor.InterceptorException:
> > > > Unexpected exception. [Root exception is
> > > > java.lang.IllegalStateException: Attempted operation by
> > > > unauthenticated caller.]
> > > >
> > > > In the middle of the stack trace was an an error pointing at the
> > > > first line of these two. I assume it has something to do with how I am
> > > > casting the Object returned from the ServerContext.lookup call. Any
> > > > ideas on the right way to do this?
> > > >
> > > > Thanks,
> > > > Steve
> > > >
> > > >
> > > > On Dec 14, 2007 12:10 PM, Alex Karasulu <[EMAIL PROTECTED]>
> > > > wrote:
> > > >
> > > > > For 1.0 your best option is to grab a handle to the nexus on
> > > > > initialization of your authenticator. Use the nexus to lookup the
> > > > > attributes of the user (the entry for the principalDn). Then you can
> > > > > perform what logic you need to interogate the attributes of the user.
> > > > >
> > > > > HTH,
> > > > > Alex
> > > > > On Dec 14, 2007 10:18 AM, Steven Brendtro <
> > > > > [EMAIL PROTECTED]> wrote:
> > > > >
> > > > > > Oh, I forgot to mention... this is for 1.0.x (specifically 1.0.1
> > > > > > ).
> > > > > >
> > > > > > Thanks
> > > > > >
> > > > > >
> > > > > > On Dec 14, 2007 8:59 AM, Steven Brendtro <[EMAIL PROTECTED]
> > > > > > > wrote:
> > > > > >
> > > > > > > I am coding a custom Authenticator Interface for doing some
> > > > > > > extra checking before authenticating the DN. Basically before I
> > > > > > > authenticate, I want to check that the user (not sure what else
> > > > > > > to call it)
> > > > > > > has certain attributes set to specific values. I've been looking
> > > > > > > through
> > > > > > > the API for the past few days and don't understand how to
> > > > > > > accomplish this.
> > > > > > > If possible, I want to get a set of Attributes back to iterate
> > > > > > > through.
> > > > > > >
> > > > > > > Any suggestions would be most helpful.
> > > > > > >
> > > > > > > Thanks in advance.
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
