OK, I've read over ldapAuthCheck.java (by Mark Wilcox, apparently.)   I
pretty well understand everything there, except I have a blank spot in
knowledge of the Tomcat architecture.  Which means I don't understand
why you had to extend simpleRealm instead of securityCheck.

Obviously, neither this class nor Tomcat implements JAAS.  I'm assuming
that's because they were built before JAAS was defined.  They're also
much simpler than the total pluggable-authentication-module framework
implemented by JAAS.  That's cool, since I don't need all that stuff
anyhow.  It's nice that the user name and password are just passed as
strings in the call to checkPassword(), for example.

So--What needs doing? I've never worked on a project so I don't know the
rules.

(The only thing I know I'd like to change is to add flexibility to use
the "mail" attribute as the userID instead of the "UID" attribute.)

Martin


Falcon cheetah wrote:

>  Martin,
>
> There is good material about LDAP with Tomcat from Wrox's
> Professional JSP. There are two chapters that talk about this, and in
> chapter 15 they write a Tomcat interceptor to do this task. I am
> currently trying to squeeze some time to test that. If you want to
> download the source code from their site and take a look at it.
>
> I know they have few issues with their interceptor. For example I had
> to make the class extend SimpleRealm instead of CheckSecurity.
>
> If you want to play with it and we can cooperate on expanding this
> code or put it in a separate project if you want. If not I am glad to
> point out this great book to you and everyone else.
>
>
>
> Ahmed.
>
>   Martin Smith <[EMAIL PROTECTED]> wrote:
>
>      I have been patiently lurking and waiting to see some news on the
>      existence of a way to do Servlet container (ie Tomcat)
>      authentication against an LDAP source of security info.
>
>      I even posted an RFP at one of these freelancer sites (ants.com)
>      to have one built. No credible responses.
>
>      Limited though I am at programming java (or anything), I'm
>      considering trying to build one myself. But I thought I'd ask one
>      last time: is there a JNDI or LDAP Interceptor in the works
>      anywhere?
>
>      If not, any advice on the scope of the project? Do I just get the
>      JDBCRealm source and analogize? (Sure hope we don't need threads!
>      And callbacks sound hard, too.)
>
>      TIA,
>
>      martin

