Hi Stefan, Thanks for your reminder, I've replaced JDNI with LDAP API in the following commit:
commit d1055af7e8508e0ad81fadaaf3dd860ab1131ee7 Author: plusplusjiajia <[email protected]> Date: Thu Jul 19 15:46:16 2018 +0800 DIRKRB-724 Replace JNDI with LDAP API in LDAP plugin. Because I am not familiar with LDAP API, I have one question, it will throw exception when I start the server: ERROR{LdapApiServiceFactory.java:139}-Failed to instantiate a viable instance, instantiating new instance of java.lang.ClassNotFoundException: org.apache.directory.api.ldap.codec.standalone.StandaloneLdapApiService at java.net.URLClassLoader.findClass(URLClassLoader.java:381) at java.lang.ClassLoader.loadClass(ClassLoader.java:424) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331) at java.lang.ClassLoader.loadClass(ClassLoader.java:357) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:264) at org.apache.directory.api.ldap.codec.api.LdapApiServiceFactory.initialize(LdapApiServiceFactory.java:133) at org.apache.directory.api.ldap.codec.api.LdapApiServiceFactory.getSingleton(LdapApiServiceFactory.java:96) at org.apache.directory.ldap.client.api.LdapNetworkConnection.<init>(LdapNetworkConnection.java:268) at org.apache.directory.ldap.client.api.LdapNetworkConnection.<init>(LdapNetworkConnection.java:410) at org.apache.directory.ldap.client.api.LdapNetworkConnection.<init>(LdapNetworkConnection.java:379) at org.apache.kerby.has.plugins.server.ldap.LDAPUtils.ldapAPI(LDAPUtils.java:55) at org.apache.kerby.has.plugins.server.ldap.LDAPServerPlugin.doAuthenticate(LDAPServerPlugin.java:52) at org.apache.kerby.has.server.AbstractHasServerPlugin.authenticate(AbstractHasServerPlugin.java:40) at org.apache.kerby.has.server.web.rest.AsRequestApi.asRequest(AsRequestApi.java:110) at org.apache.kerby.has.server.web.rest.AsRequestApi.asRequest(AsRequestApi.java:77) after I adding the following dependency, it works. <dependency> <groupId>org.apache.directory.api</groupId> <artifactId>api-ldap-codec-standalone</artifactId> <version>1.0.0</version> </dependency> Is the method correct? Thanks, Jiajia -----Original Message----- From: Stefan Seelmann [mailto:[email protected]] Sent: Saturday, July 14, 2018 6:46 PM To: [email protected] Subject: Re: directory-kerby git commit: DIRKRB-677 Add LDAP plugin for new authentication mechanism. Contributed by Songjun. Hi Jiajia, I noticed build failure for Kerby on Jenkins and looked into it. Then I saw that you use JNDI in the new LDAPUtils class, see below. Any reason not to use the LDAP API? It is alrady used in the ldap-backend module. Kind Regards, Stefan On 07/12/2018 04:15 AM, [email protected] wrote: > > DIRKRB-677 Add LDAP plugin for new authentication mechanism. Contributed by > Songjun. > > Commit: 5747dd130fa31a09291c95385d8e8b046f665817 > > +++ b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugi > +++ ns/server/ldap/LDAPUtils.java > + public static boolean doUserAuth(String user, String pwd) throws > NamingException { > + Map env = new HashMap<>(); > + env.put(Context.INITIAL_CONTEXT_FACTORY, > "com.sun.jndi.ldap.LdapCtxFactory"); > + env.put(Context.PROVIDER_URL, ldapServerConf.getLdapUrl()); > + env.put(Context.SECURITY_AUTHENTICATION, "simple"); > + env.put(Context.SECURITY_PRINCIPAL, ldapServerConf.getBindDN()); > + env.put(Context.SECURITY_CREDENTIALS, ldapServerConf.getBindPwd()); > + DirContext ctx = null; > + > + boolean ret = false; > + try { > + ctx = new InitialDirContext(new Hashtable<>(env));
