On 3/28/06, Jörg Henne <[EMAIL PROTECTED]> wrote:
> without digging deep into the Kerberos et al. implementations: how does
> communication between the protocol implementations and the directory
> work? Do the protocols bind to the directory like ordinary clients or is
> there an in-VM backdoor?
Protocols bind like ordinary JNDI clients, using an in-VM JNDI
context. The key item here is the proper Initial Context Factory to
use that accesses the JNDI provider without going over the wire. This
is the "CoreContextFactory":
DEFAULT_INITIAL_CONTEXT_FACTORY =
"org.apache.directory.server.core.jndi.CoreContextFactory";
Usage is something like this (some interpretation required):
private InitialContextFactory factory;
private Hashtable env;
env = new Hashtable();
env.put( Context.INITIAL_CONTEXT_FACTORY, DEFAULT_INITIAL_CONTEXT_FACTORY );
env.put( Context.PROVIDER_URL, "ou=DhcpStuff,dc=example,dc=com" );
try
{
DirContext ctx = ( DirContext ) factory.getInitialContext( env );
}
... etc.
Enrique
