aspose file tools*
The moose likes Java in General and the fly likes Authenticating users in OpenDS ldap server Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "Authenticating users in OpenDS ldap server" Watch "Authenticating users in OpenDS ldap server" New topic
Author

Authenticating users in OpenDS ldap server

Pradeep Mudaliar
Greenhorn

Joined: Oct 11, 2007
Posts: 23
Hi all,

I wish to authenticate users to a web application using the data from the OpenDS ldap server. I have written the code to connect to the server and it is working fine.

Now, when the user (whose details are stored in an ldif file available to the ldap server) logs in to the application using a user name and password, I want to query the server to get the user�s password. Then I wish to compare the password used by the user for the current session with the retrieved password so that I can authenticate him/her.

The problem I am facing with this is that though I am getting the password attribute for the user using the following snippet -


, I am not able to authenticate the user because the password is encrypted using a scheme which is unknown to my code. I went through the Java API available to OpenDS at

and was not able to find a way to do this. I used a ldap admin tool to check the type of storage scheme used by the server and it turned out to be SSHA. But, I read somewhere that the storage scheme can be set in a property file (I had a quick look through the installation directory of opends and could not locate it ) and hence I dont wish to make the assumption that the scheme would always be SSHA in my code by using the class from the API.

Please suggest a way out of this problem. If the approach I am using is wrong, please correct me.


SCJP 6 - 80%
My Blog - http://www.polymorphiccoder.blogspot.com
Joanne Neal
Rancher

Joined: Aug 05, 2005
Posts: 3646
    
  15
The normal way to authenticate a user against an LDAP server is to attempt to bind with the given username and password - if it fails either the user name or password is incorrect.
You can find some example code here


Joanne
Pradeep Mudaliar
Greenhorn

Joined: Oct 11, 2007
Posts: 23
Hey Joanne,

Thanks for the response. I was unnecessarily beating around the bush. The solution is quite simple and clear. Thanks again!
Farrukh Najmi
Greenhorn

Joined: Jan 29, 2008
Posts: 5
Pradeep Mudaliar wrote:Hey Joanne,

Thanks for the response. I was unnecessarily beating around the bush. The solution is quite simple and clear. Thanks again!


Hi Pradeep, can you please post your simple and clear solution. It would be a big help. Thanks.


--Farrukh
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Authenticating users in OpenDS ldap server