Hi, I got into a problem using the suggested approach. The authentication module is used in the bind process, which sets a read lock on the ldap store at the beginning before it reaches the authentication module. In order to insert new entries, a write lock is required. However, given that at the beginning of the binding process, there is already a read-lock, it is impossible to get a write lock.
Is there any other place or classes/interceptors, I can overwrite to achieve the goal? james From: [email protected] [mailto:[email protected]] On Behalf Of Kiran Ayyagari Sent: Friday, April 12, 2013 9:01 AM To: Apache Directory Developers List Subject: Re: add ldap entry in apacheds within simple authentication module On Fri, Apr 12, 2013 at 9:13 PM, Wu, James C. <[email protected]<mailto:[email protected]>> wrote: Hi, I am trying to override the simple LDAP authentication with a customer external authentication source. After the external authentication succeeds, I would like to insert the principal into the apacheds ldap store. I do not want to bind to apacheds as admin in the simple authentication module as it seems to be absurd because simple authentication module is already within the server process, it should be able to made changes to the ldap store directly. I don't want to by-pass all interceptors though, because I want the kerberos keys to be generated automatically by the kerberos key derivation service. Does anyone know how to do this? just inject your custom authenticator and use the admin CoreSession from DirectoryService to inject the required entry after authentication succeeds Regards, James -- Kiran Ayyagari http://keydap.com
