[daisy] About LDAP authentication configuration
Bruno Dumon
bruno at outerthought.org
Fri Sep 15 13:11:01 CDT 2006
On Fri, 2006-09-15 at 17:52 +0200, Carlos Palol wrote:
> Hello!
>
> I have some doubts about LDAP authentication configuration, this is a
> section of /daisydata/conf/myconfig.xml:
>
> <!-- scheme name="ldap1" description="Test LDAP config">
> <environment>
> <property name="java.naming.factory.initial"
> value="com.sun.jndi.ldap.LdapCtxFactory"/>
> <property name="java.naming.provider.url"
> value="ldap://strider.outerthought.net:389"/>
> <property name="java.naming.security.authentication" value="simple"/>
> <property name="java.naming.security.protocol" value="ssl"/>
> <property name="java.naming.security.principal"
> value="cn=$daisyLogin,dc=outerthought,dc=org"/>
>
> # Isn't it manager user what i should put here, instead of
> authentication user? I think in my particular circumstances, can't do
> a search in our LDAP unless I use manager + password.
>
> # Shouldn't I, in that case, set also java.naming.security.credentials?
>
> # How the authenticator knows daisy login maps to uid (or a different
> property) in my LDAP?
The LDAP authenticator in Daisy is only able to check credentials by
logging in to LDAP (i.e. by performing an ldap "bind" operation).
The sort of authentication you want to do would require a different
implementation. If you create something, a patch would be very welcome.
For starters, begin with writing a small standalone java class that
implements the sort of authentication you want to perform. Integrating
that into Daisy shouldn't be very hard then, we can give a hand if
necessary.
--
Bruno Dumon http://outerthought.org/
Outerthought - Open Source, Java & XML Competence Support Center
bruno at outerthought.org bruno at apache.org
More information about the daisy
mailing list