Thanks, Kiran. (I have heretofore largely avoid spring as well ;~) On Wed, Jan 6, 2010 at 11:48 PM, Kiran Ayyagari <[email protected]>wrote:
> hi Richard, > > > >> The essence of the problem that I'm trying to solve is that we use a >> third-party product that can either use its own database for storing >> credentials and user roles OR it can talk to an external provider via its >> built-in LDAP (v3) client. Company security policy dictates that it must >> utilize the corporate "customer LDAP", but because of the believed need >> for >> additional controls, this LDAP can be accessed only through a specific >> [java] API. So, my not-fully-baked idea was that I could set up Apache DS >> and point the 3rd-party product at it, and then add a custom authenticator >> which invoked the supplied API when the bind request was processed by >> Apache >> DS. >> > > It is certainly possible. Take a look at the various authenticators present > under > the package org.apache.directory.server.core.authn > > You need to write a custom authenticator and inject it in the server.xml > replacing the > <authenticationInterceptor/> tag > > <authenticationInterceptor> > <authenticators> > <!-- this authenticators property takes Set<Authenticator> --> > <set> > <bean id="myAuthenticator" class="my.auth.class.name"> > </bean> > </set> > </authenticators> > </authenticationInterceptor> > > PS:- am no spring expert so please double check about setting the value of > <authenticators> using spring > > HTH > > Kiran Ayyagari > -- Outside of a dog, a book is man's best friend; inside of a dog, it's too dark to read - Mark Twain
