[daisy] About LDAP authentication configuration
Carlos Palol
carlos.palol.listas at gmail.com
Mon Sep 18 07:15:12 CDT 2006
On 9/15/06, Bruno Dumon <bruno at outerthought.org> wrote:
> On Fri, 2006-09-15 at 17:52 +0200, Carlos Palol wrote:
> > Hello!
> >
> > I have some doubts about LDAP authentication configuration, this is a
> > section of /daisydata/conf/myconfig.xml:
> >
> > <!-- scheme name="ldap1" description="Test LDAP config">
> > <environment>
> > <property name="java.naming.factory.initial"
> > value="com.sun.jndi.ldap.LdapCtxFactory"/>
> > <property name="java.naming.provider.url"
> > value="ldap://strider.outerthought.net:389"/>
> > <property name="java.naming.security.authentication" value="simple"/>
> > <property name="java.naming.security.protocol" value="ssl"/>
> > <property name="java.naming.security.principal"
> > value="cn=$daisyLogin,dc=outerthought,dc=org"/>
> >
> > # Isn't it manager user what i should put here, instead of
> > authentication user? I think in my particular circumstances, can't do
> > a search in our LDAP unless I use manager + password.
> >
> > # Shouldn't I, in that case, set also java.naming.security.credentials?
> >
> > # How the authenticator knows daisy login maps to uid (or a different
> > property) in my LDAP?
>
> The LDAP authenticator in Daisy is only able to check credentials by
> logging in to LDAP (i.e. by performing an ldap "bind" operation).
>
> The sort of authentication you want to do would require a different
> implementation. If you create something, a patch would be very welcome.
> For starters, begin with writing a small standalone java class that
> implements the sort of authentication you want to perform. Integrating
> that into Daisy shouldn't be very hard then, we can give a hand if
> necessary.
I'm very basic with java. I'll try and let you know.
Bye
More information about the daisy
mailing list