Re: JNDI-LDAP example

From: Chuck Hill (chil..lobal-village.net)
Date: Fri Oct 15 2010 - 18:10:47 UTC


    Is this what you are looking for (from Mike originally):

    > If you're talking to OS X Open Directory, you probably want to auth with Kerberos ... random chunks of appropriate code:
    >
    > // Imports these chunks need:
    > import javax.security.auth.callback.*;
    > import javax.security.auth.login.LoginContext;
    >
    > // Point JAAS at the login configuration and tell Kerberos which realm and KDC to use.
    > System.setProperty("java.security.auth.login.config", KerberosAuthenticationManager.class.getResource("/com/mdimension/authentication/kerberos.conf").toExternalForm());
    > System.setProperty("java.security.krb5.realm", realm);
    > System.setProperty("java.security.krb5.kdc", kdc);
    >
    > String krbUserName = // whateve..OURREALM.COM
    > char[] krbPassword = (password == null) ? null : password.toCharArray();
    > // "primaryLoginContext" must match the entry name in kerberos.conf.
    > LoginContext lc = new LoginContext("primaryLoginContext", new UserNamePasswordCallbackHandler(krbUserName, krbPassword));
    > lc.login(); // throws LoginException if authentication fails
    >
    > // Answers the login module's name and password prompts from stored values.
    > protected static class UserNamePasswordCallbackHandler implements CallbackHandler {
    >     private String _userName;
    >     private char[] _password;
    >
    >     public UserNamePasswordCallbackHandler(String userName, char[] password) {
    >         _userName = userName;
    >         _password = password;
    >     }
    >
    >     public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
    >         for (Callback callback : callbacks) {
    >             if (callback instanceof NameCallback && _userName != null) {
    >                 ((NameCallback) callback).setName(_userName);
    >             }
    >             else if (callback instanceof PasswordCallback && _password != null) {
    >                 ((PasswordCallback) callback).setPassword(_password);
    >             }
    >             else {
    >                 // Any other prompt, or a missing name/password, is rejected.
    >                 throw new UnsupportedCallbackException(callback);
    >             }
    >         }
    >     }
    > }
    >
    > vdoop:authentication mschrag$ cat kerberos.conf
    > primaryLoginContext {
    >     com.sun.security.auth.module.Krb5LoginModule required client=true useTicketCache=false;
    > };
    >
    > ms

    Auth is a LOT easier now than it was in JDK 1.4 days! If you are hitting AD, the java.security.krb5.realm value must be in upper case.

    Chuck

    On Oct 15, 2010, at 10:47 AM, Ray Kiddy wrote:

    >
    > Hello -
    >
    > Does anyone have an actual example of a model that uses JNDI to talk to an LDAP data source? I want to use an LDAP accessible authentication source. The usual thing. I end up having to do this every few years. Since the last time I did it, JNDI things seem to have become unfindable on Google. I can find lots of incomplete discussions that talk about solutions. But none of them actually have the solution being referred to. And, of course, there is no example on the Wonder wiki.
    >
    > I figure that once I see a working connection dictionary, I will remember which arbitrary crud has to be inserted that I am, I have no doubt, forgetting to put in.
    >
    > thanx - ray
    >

    -- 
    Chuck Hill             Senior Consultant / VP Development
    

    Practical WebObjects - for developers who want to increase their overall knowledge of WebObjects or who are trying to solve specific problems. http://www.global-village.net/products/practical_webobjects
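
Added example, not part of the original message or of the code quoted in it: the same JAAS Kerberos login carried through to a JNDI LDAP bind over GSSAPI, the part the question asked about. The class name, the command-line arguments and the host names are assumptions; the login module options are copied from the kerberos.conf quoted above.

```java
import java.security.PrivilegedExceptionAction;
import java.util.*;
import javax.naming.Context;
import javax.naming.directory.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
public class KerberosLdapBind {
    public static void main(String[] args) throws Exception {
        // Usage (all placeholders): java KerberosLdapBind <user> <realm> <kdc-host> <ldap-host>
        String user = args[0], realm = args[1].toUpperCase(Locale.ROOT); // AD needs an upper-case realm
        System.setProperty("java.security.krb5.realm", realm);
        System.setProperty("java.security.krb5.kdc", args[2]);
        // Assumes an interactive terminal; System.console() is null otherwise.
        char[] password = System.console().readPassword("Password for %s@%s: ", user, realm);
        // Same module and options as kerberos.conf, supplied in code instead of a file.
        Configuration conf = new Configuration() {
            @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] { new AppConfigurationEntry(
                    "com.sun.security.auth.module.Krb5LoginModule",
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                    Map.of("client", "true", "useTicketCache", "false")) };
            }
        };
        CallbackHandler handler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) ((NameCallback) cb).setName(user + "@" + realm);
                else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(password);
                else throw new UnsupportedCallbackException(cb);
            }
        };
        LoginContext lc = new LoginContext("primaryLoginContext", null, handler, conf);
        try {
            lc.login(); // throws LoginException on a bad password or unreachable KDC
        } finally {
            Arrays.fill(password, '\0'); // wipe our copy; PasswordCallback cloned it
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://" + args[3]);
        env.put(Context.SECURITY_AUTHENTICATION, "GSSAPI"); // SASL bind using the Kerberos ticket
        // The bind must run as the logged-in Subject so the GSSAPI layer finds its TGT.
        DirContext ctx = Subject.doAs(lc.getSubject(),
            (PrivilegedExceptionAction<DirContext>) () -> new InitialDirContext(env));
        System.out.println("Bound as " + lc.getSubject().getPrincipals());
        ctx.close();
        lc.logout();
    }
}
```

On JDK 18 and later `Subject.doAs` is deprecated in favour of `Subject.callAs`. The LDAP host should be given as the fully qualified name that matches the directory's `ldap/` service principal.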




    This archive was generated by hypermail 2.0.0 : Fri Oct 15 2010 - 18:11:32 UTC