Well, I've just been able to login into ESME app with container-managed authentication via LDAP (MS Active Directory, org.apache.catalina.realm.JNDIRealm in Tomcat 6) and retreive additional attributes (firstName, lastName and email) via net.liftweb.ldap.LDAPVendor.
I'm also going to install 389 Directory Server on my home Fedora and check LDAP access with this implementation. Vladimir 2011/3/30 Richard Hirsch <[email protected]> > @Vladimir Great that you tried it out. > > What was the problem on Tomcat - were there 404s for the images? > > If you add the Tomcat files to the Jira item, I'll take a look at it as > well. > > D. > > On Wed, Mar 30, 2011 at 3:36 AM, Vladimir Ivanov <[email protected]> > wrote: > > Hi Richard, > > > > Have you tested container-managed auth on Tomcat? I was able to > successfully > > login by placing user-password-role mapping in tomcat-users.xml file and > > using org.apache.catalina.realm.MemoryRealm in server.xml, but after > logging > > in layout of user home page was completly broken for me (for example > default > > avatar image takes half of web page). Other pages (Streams, Users etc) > were > > OK. > > > > I've also checked net.liftweb.ldap.LDAPVendor and been able to get user > > attributes list from LDAP (Active Directory). I'm going to use > > org.apache.catalina.realm.JNDIRealm for container-managed auth via LDAP > on > > Tomcat and then LDAPVendor to populate user profile attributes (like > > firstName and lastName) in new auth module. > > > > I've taken new blog entry into work. > > > > Corresponding JIRA item has been created: > > https://issues.apache.org/jira/browse/INFRA-3549 > > > > Vladimir > > > > > > > > 2011/3/29 Richard Hirsch <[email protected]> > > > >> OK - just deployed Vladimir's changes to the stax instance. They look > fine. > >> > >> I'll take a look at Tomcat and see if I can get that working > >> > >> @Vladimir why don't you work on a new blog for using jetty and > >> container-based authentication. > >> > >> @Vladimir - please create a JIRA item (like this one: > >> https://issues.apache.org/jira/browse/INFRA-3347) to get access to the > >> esme blog. > >> > >> D. > >> > >> > >> On Tue, Mar 29, 2011 at 3:47 AM, Vladimir Ivanov <[email protected] > > > >> wrote: > >> > Ethan, > >> > > >> > It shouldn't break existing authentication scheme. New module is > mapped > >> to > >> > specific URL (you are right - it's probably better to define this URL > in > >> > property file). > >> > > >> > Vladimir > >> > > >> > 2011/3/28 Ethan Jewett <[email protected]> > >> > > >> >> Sounds good to me. I haven't been able to review the code yet, as > >> >> Vladimir requested, but actually the easiest way to get a review is > >> >> probably to commit it and then reply to the commit message requesting > >> >> that people take a look at it :-) > >> >> > >> >> One question: Is this going to break the existing login, or will it > be > >> >> optional via a configuration parameter? > >> >> > >> >> Ethan > >> >> > >> >> On Mon, Mar 28, 2011 at 4:44 PM, Richard Hirsch < > [email protected]> > >> >> wrote: > >> >> > Vladimir has added an initial version of code for this issue ( > >> >> > https://issues.apache.org/jira/browse/ESME-214) . I'd like to move > >> >> > forward on this issue. > >> >> > > >> >> > My suggestion to get things going again: > >> >> > > >> >> > 1. Vladimir should commit his changes in Boot.scala + > UserAuth.scala > >> >> > 2. Dick will test this in Tomcat. > >> >> > 3. We then document this functionality in two blogs - one for jetty > >> >> > and one for Tomcat > >> >> > > >> >> > Any thoughts? > >> >> > > >> >> > D. > >> >> > > >> >> > >> > > >> > > >> > > >> > -- > >> > Best Regards, > >> > Vladimir Ivanov > >> > > >> > > > > > > > > -- > > Best Regards, > > Vladimir Ivanov > > > -- Best Regards, Vladimir Ivanov
