As was mentioned in the other thread, the ability to do a query (potentially with a configurable username/password) in order to determine the user dn would be enormously useful. This is a fairly standard way to do ldap authentication (typically the "username" is an attribute of the dn) and shiro should probably support it by default.
Thanks, Jared On 03/31/2011 12:53 PM, Les Hazlewood wrote: > Hi folks, > > The latest LDAP support currently is in the form of the JndiLdapRealm. > > Unfortunately, this name has confused enough people - often they think > they need to be using JNDI in order to use it (this is not the case - > the JNDI API itself is used as an implementation strategy, and it does > not require that anything be actually stored in JNDI, but that's > beside the point). > > Because of this, there is a Jira issue to rename it to something else > for the next release (i.e. deprecate JndiLdapRealm and create a > 'DefaultJndiRealm' or something like that). When we do that, we have > the opportunity to make it better and/or add features. > > What is missing from Shiro's LDAP support that you would need in order > to use it 'out-of-the-box' with your apps? Ideally I'd like to get as > much in there such that subclassing is rarely necessary. > > All suggestions are welcome! > > Thanks, > > Les
signature.asc
Description: OpenPGP digital signature
