--On Wednesday, June 20, 2007 5:43 PM +0200 Michael Ströder
<[EMAIL PROTECTED]> wrote:
HI!
I'm currently testing proxy authorization with the control
implementation com.sun.jndi.ldap.ctl.ProxiedAuthorizationControl in
Sun's LDAP boost pack for JNDI.
slapd seems to be configured correctly since this command-line works:
ldapsearch -x -H "ldap://localhost:1390"; -D
"uid=proxyuser,ou=proxyauthztests,ou=Testing,dc=stroeder,dc=de" -w
testproxy -b "ou=Testing,dc=stroeder,dc=de" -s sub -e
\!authzid="dn:uid=proxieduser,ou=proxyauthztests,ou=Testing,dc=stroeder,d
c=de" "(objectClass=*)"
Now I'm trying to do the same via JNDI (see attached Test2.java). But
this results in:
Exception: javax.naming.NamingException: [LDAP: error code 47 - authzId
mapping failed]; remaining name 'ou=Testing,dc=stroeder,dc=de'
If starting slapd with debugging (-d args,trace,packets) I get the log
I've also attached. Note the extra char before "dn:" in line starting
with "parseProxyAuthz". I extracted the control from Wireshark and even
dumpasn1.c did not manage to decode it properly. So I suspect
something's wrong with the encoding. Can anybody please confirm this?
Any hint how to reach Sun's JNDI developers?
Have you tried using JLDAP instead? When I was at Stanford, we started
having to use JLDAP over JNDI as JLDAP had better support for control
implementations.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
