Hi folks,
well, I made it. I got LDAP authentication working with Turbine 2.2 and
OpenLDAP. It works a little bit different than before but it works. I
even can set an AccessControlList from LDAP attributes of my choice. If
anyone is interested, I can provide the fixes as soon as I am satisfied
with the results (RSN!).
Now, here is the question: The authenticate() method of LDAPUserManager
completes sucessfully if the password is *empty*. It fails (as
expected), if the password is wrong. It suceeds, if the password is
correct. The key lines are probably (from bind())
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, username);
env.put(Context.SECURITY_CREDENTIALS, password);
ctx = new javax.naming.directory.InitialDirContext(env);
username is the DN like in "cn=John Doe,o=Dufftown Destilleries,c=UK"
I can solve this with Intake so that an empty password is rejected, but
I am curious. What goes wrong here?
Bye, Thomas.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
