Ups, do not use
System.getProperty("user.name");
This value can contain anything (java.exe -D user.name="dubidu" YourClient
).
Manfred Regele
ADIG Investment GmbH
22 Methoden&Tools
Richard-Reitzner-Allee 2
85540 Haar
Tel: 089/46268-308
mailto:[EMAIL PROTECTED]
http://www.adig.de
> -----Urspr�ngliche Nachricht-----
> Von: Thomas Saxtoft [SMTP:[EMAIL PROTECTED]]
> Gesendet am: Montag, 12. November 2001 12:55
> An: Orion-Interest
> Betreff: Login from client and retrieving info thru Ldap
>
> I have worked for some time on the subj. To make it very clear I will
> start telling in a few words about the system.
>
> On the client side we are going to use Swing, connecting to a Orion
> server. We will just use simple authentication based on the
> System.getProperty("user.name");
> The server should then look up the user in Active Directory, and get the
> groups he is a member of. Based on these groups and the roles in
> ejb-jar.xml the server should administer access to the application.
> That's very short the application.
>
> Now my problem is implementing all this. I can not find any
> documentation telling me how to do it. Matthew Porter has been so kind
> to send me an implementation he has made called LdapUserManager.
>
> Based on this Manager I have the following questions:
>
> Firstly I would like to know how the client identifies to the
> UserMAnager/Orion who he is. It needs just to give the "user.name" of
> the user.
>
> Secondly, how do I tell the UserManager which attributes to take from
> the Active Directory in order to find out which groups he is a member
> of?
>
> How do I inform Orion on using LdapUserManager, and other classes from
> the com.linjafoo package?
>
> Reaching this point I believe that the server should do the rest by
> itself. The rest I reffer to adminestring the roles and access to the
> application. Please, correct me if I'm wrong.
>
> Now what I _think_ Orion will do, is that it will manage the access to
> methods and beans using the LdapUserManager. In my program code I will
> then also be able to ask isCallerInRole(role).
>
> One last thing is: Does there exits an independent implementation
> instead of using something based on the Orion model. I mean, is roles
> and grouips not part of the J2EE? I would prefer a independent way -
> write once run anywhere.
>
> That was many questions but I hope someone out their has been thru all
> this, and just knows how to do it :-)
>
> Thanks for any kind of help or comments.
>
> Thomas Saxtoft
>
> --
> Thomas Saxtoft
> EDB afdelingen
> S�ndagsavisen A/S
> Tlf.: 3957 7531
> Fax: 3957 7597
