aspose file tools*
The moose likes Security and the fly likes JAAS/LDAP question Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "JAAS/LDAP question" Watch "JAAS/LDAP question" New topic
Author

JAAS/LDAP question

Elihu Smails
Ranch Hand

Joined: Jan 12, 2005
Posts: 37
I am trying to figure out what all is required to configure my server so that I can authenticate users using LDAP on the backend. Is it just a matter of setting a configuration file, or do I need to write some custom code to connect to the LDAP server?
I have googled JAAS/LDAP tutorials and they all say to write custom code in order to do this, but I thought that the JAAS framework would allow for the configuration file to just be modified in order to change how users are authenticated.

help
James Carman
Ranch Hand

Joined: Feb 20, 2001
Posts: 580
What server?


James Carman, President<br />Carman Consulting, Inc.
Elihu Smails
Ranch Hand

Joined: Jan 12, 2005
Posts: 37
Not sure what you are asking. I have a client/server architecture. I want the server to authenticate clients upon login using information stored in an LDAP server. My question is, do I have to write custom java code in order to perform this task, or can I just write a specific configuration file that JAAS can use in order to authenticate users with information found in the LDAP server.
James Carman
Ranch Hand

Joined: Feb 20, 2001
Posts: 580
When you say client/server application, what communication mechanism are you using? Raw sockets, RMI, JAX-RPC?
Elihu Smails
Ranch Hand

Joined: Jan 12, 2005
Posts: 37
The client/server portion part works fine. I am currently using a simple authentication module. I want to migrate to a LDAP authenication module. Do you know how to do this?
James Carman
Ranch Hand

Joined: Feb 20, 2001
Posts: 580
So, you're already using JAAS to do your authentication?
Lin Feng
Ranch Hand

Joined: Dec 11, 2002
Posts: 142
If you can find a LDAP LoginModule implementation for you , you can config it to be used in JAAS directly. If you cannot find one , you have to write one by yourself.
Another thing is all the code should be called by Subject.doAs or Subject.doAsPrivileged. So you would write some code for that. After that if you change the authentication to a database , you might just change your config file

Thanks

Lin
[ May 06, 2005: Message edited by: LIN FENG ]
Elihu Smails
Ranch Hand

Joined: Jan 12, 2005
Posts: 37
OK, I have the JndiLoginModule working. Sorta. Now, is there a way to specify a bind password for the LDAP password? This is not the username/password that I am authenticating, but the username/password to connect to the LDAP server in order to authenticate users connecting to my server(see diagram)

client <---> server <---> LDAP
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: JAAS/LDAP question