Hi all,
Our existing AbstractLdapRealm was fairly rudimentary for most LDAP
needs since it really existed mostly to support the
ActiveDirectoryRealm subclass. We should have a more robust and
convenient LDAP Realm out-of-the-box.
So, a few weeks ago, I quietly committed some code for a new Realm
implementation and didn't flesh out the JavaDoc more until today. I'm
using it in my own apps and it has some good unit tests, so it should
be pretty stable, but it'd be good if we could get a few more beta
testers to play with it.
If you feel so inclined, please update from SVN to get the latest
code, mvn install it, and then add it to shiro.ini (or whatever other
config mechanism you use). For example:
[main]
...
ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm
ldapRealm.userDnTemplate = uid={0},ou=users,dc=mycompany,dc=com
ldapRealm.contextFactory.url = ldap://ldapHost:389
ldapRealm.contextFactory.environment[some.jndi.key] = some value
...
You only need to subclass this new class for authorization since Shiro
can't interpret your company LDAP data model, otherwise you can
use/instantiate it directly. Authentication is supported out of the
box. The JavaDoc is fairly complete, so please refer to it if
necessary.
Please try it out and let us know what you think!
Cheers,
Les
