• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Authenticating users in OpenDS ldap server

 
Pradeep Mudaliar
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I wish to authenticate users to a web application using the data from the OpenDS ldap server. I have written the code to connect to the server and it is working fine.

Now, when the user (whose details are stored in an ldif file available to the ldap server) logs in to the application using a user name and password, I want to query the server to get the user�s password. Then I wish to compare the password used by the user for the current session with the retrieved password so that I can authenticate him/her.

The problem I am facing with this is that though I am getting the password attribute for the user using the following snippet -


, I am not able to authenticate the user because the password is encrypted using a scheme which is unknown to my code. I went through the Java API available to OpenDS at

and was not able to find a way to do this. I used a ldap admin tool to check the type of storage scheme used by the server and it turned out to be SSHA. But, I read somewhere that the storage scheme can be set in a property file (I had a quick look through the installation directory of opends and could not locate it ) and hence I dont wish to make the assumption that the scheme would always be SSHA in my code by using the class from the API.

Please suggest a way out of this problem. If the approach I am using is wrong, please correct me.
 
Joanne Neal
Rancher
Posts: 3742
16
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The normal way to authenticate a user against an LDAP server is to attempt to bind with the given username and password - if it fails either the user name or password is incorrect.
You can find some example code here
 
Pradeep Mudaliar
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey Joanne,

Thanks for the response. I was unnecessarily beating around the bush. The solution is quite simple and clear. Thanks again!
 
Farrukh Najmi
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Pradeep Mudaliar wrote:Hey Joanne,

Thanks for the response. I was unnecessarily beating around the bush. The solution is quite simple and clear. Thanks again!


Hi Pradeep, can you please post your simple and clear solution. It would be a big help. Thanks.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic