• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JAAS/LDAP question

 
Elihu Smails
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am trying to figure out what all is required to configure my server so that I can authenticate users using LDAP on the backend. Is it just a matter of setting a configuration file, or do I need to write some custom code to connect to the LDAP server?
I have googled JAAS/LDAP tutorials and they all say to write custom code in order to do this, but I thought that the JAAS framework would allow for the configuration file to just be modified in order to change how users are authenticated.

help
 
James Carman
Ranch Hand
Posts: 580
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What server?
 
Elihu Smails
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Not sure what you are asking. I have a client/server architecture. I want the server to authenticate clients upon login using information stored in an LDAP server. My question is, do I have to write custom java code in order to perform this task, or can I just write a specific configuration file that JAAS can use in order to authenticate users with information found in the LDAP server.
 
James Carman
Ranch Hand
Posts: 580
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When you say client/server application, what communication mechanism are you using? Raw sockets, RMI, JAX-RPC?
 
Elihu Smails
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The client/server portion part works fine. I am currently using a simple authentication module. I want to migrate to a LDAP authenication module. Do you know how to do this?
 
James Carman
Ranch Hand
Posts: 580
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So, you're already using JAAS to do your authentication?
 
Lin Feng
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you can find a LDAP LoginModule implementation for you , you can config it to be used in JAAS directly. If you cannot find one , you have to write one by yourself.
Another thing is all the code should be called by Subject.doAs or Subject.doAsPrivileged. So you would write some code for that. After that if you change the authentication to a database , you might just change your config file

Thanks

Lin
[ May 06, 2005: Message edited by: LIN FENG ]
 
Elihu Smails
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK, I have the JndiLoginModule working. Sorta. Now, is there a way to specify a bind password for the LDAP password? This is not the username/password that I am authenticating, but the username/password to connect to the LDAP server in order to authenticate users connecting to my server(see diagram)

client <---> server <---> LDAP
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic