So you mean a 'connectionUserDn' and a 'connectionPassword' to connect to LDAP to perform ad-hoc queries, and not just the DN format that is used for authenticating end-users via a bind operation. Correct?
Thanks, Les On Thu, Mar 31, 2011 at 2:03 PM, Jared Bunting <[email protected]> wrote: > As was mentioned in the other thread, the ability to do a query (potentially > with a configurable username/password) in order to determine the user dn > would be enormously useful. This is a fairly standard way to do ldap > authentication (typically the "username" is an attribute of the dn) and shiro > should probably support it by default. > > Thanks, > Jared > > On 03/31/2011 12:53 PM, Les Hazlewood wrote: >> Hi folks, >> >> The latest LDAP support currently is in the form of the JndiLdapRealm. >> >> Unfortunately, this name has confused enough people - often they think >> they need to be using JNDI in order to use it (this is not the case - >> the JNDI API itself is used as an implementation strategy, and it does >> not require that anything be actually stored in JNDI, but that's >> beside the point). >> >> Because of this, there is a Jira issue to rename it to something else >> for the next release (i.e. deprecate JndiLdapRealm and create a >> 'DefaultJndiRealm' or something like that). When we do that, we have >> the opportunity to make it better and/or add features. >> >> What is missing from Shiro's LDAP support that you would need in order >> to use it 'out-of-the-box' with your apps? Ideally I'd like to get as >> much in there such that subclassing is rarely necessary. >> >> All suggestions are welcome! >> >> Thanks, >> >> Les
