[
https://issues.apache.org/jira/browse/DIRSERVER-1815?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Emmanuel Lecharny resolved DIRSERVER-1815.
------------------------------------------
Resolution: Fixed
> Configuring custom authenticator for ApacheDS 2.0.0-M11
> -------------------------------------------------------
>
> Key: DIRSERVER-1815
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1815
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: core
> Affects Versions: 2.0.0-M11
> Environment: Java 6u33
> Reporter: Denis Mikhalkin
>
> I'm written a custom authenticator
> (org.apache.directory.server.core.authn.Authenticator) and configured it at
> "ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config".
> I can see that my class is getting loaded (constructor invoked), however its
> authenticate method never gets called.
> After digging through the source code I found the following suspicious
> sequence of actions:
> - The DirectoryService is getting created by createDirectoryService in
> ServiceBuilder
> - That calls createInterceptors() which creates the
> AuthenticationInterceptor. It reads the properties and creates my
> authenticator class
> - It then calls setAuthenticators with the array of authenticators which then
> calls register for each one of them
> - Register calls init however the directoryService is null (?!?) [1]
> at
> org.apache.directory.server.core.authn.AuthenticationInterceptor.register(AuthenticationInterceptor.java:276)
> at
> org.apache.directory.server.core.authn.AuthenticationInterceptor.setAuthenticators(AuthenticationInterceptor.java:240)
> at
> org.apache.directory.server.config.builder.ServiceBuilder.createInterceptors(ServiceBuilder.java:182)
> at
> org.apache.directory.server.config.builder.ServiceBuilder.createDirectoryService(ServiceBuilder.java:1380)
> at
> org.apache.directory.server.ApacheDsService.initDirectoryService(ApacheDsService.java:300)
> at
> org.apache.directory.server.ApacheDsService.start(ApacheDsService.java:179)
> at org.apache.directory.server.UberjarMain.start(UberjarMain.java:76)
> at org.apache.directory.server.UberjarMain.main(UberjarMain.java:54)
> Later, there is a call to DefaultDirectoryService.initialize which calls
> Authenticator.init on each Authenticator again. However, my class does not
> get invoked.
> What happens is that DefaultDirectoryService.initialize eventually gets to
> AuthenticationInterceptor, which reads the list of authenticators from the
> authenticators field. This field gets populated in setDefaultAuthenticators,
> but does not get updated since then. In the end, even though custom
> authenticators are initialized, only the default authenticators are
> registered with the interceptor [2].
> I'm puzzled by the behavior [1] however the most critical one is [2]. Because
> of it I can't seem to be able to have my authenticator get invoked during
> authentication.
> I've done a manual quick fix by adding the update of the
> AuthenticationInterceptor.authenticators set during the
> AuthenticationInterceptor.register method and it seems to have fixed the
> issue. Not sure whether this is the right fix. May be I'm not configuring my
> authenticator correctly? The user guide does not seem to talk abut custom
> authenticators anymore...
> AuthenticationInterceptor:
> private void register( Authenticator authenticator, DirectoryService
> directoryService ) throws LdapException
> {
> authenticator.init( directoryService );
> Collection<Authenticator> authenticatorList = getAuthenticators(
> authenticator.getAuthenticatorType() );
> if ( authenticatorList == null )
> {
> authenticatorList = new ArrayList<Authenticator>();
> authenticatorsMapByType.put(
> authenticator.getAuthenticatorType(), authenticatorList );
> }
> authenticatorList.add( authenticator );
> + authenticators.add( authenticator );
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
