directory-api mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Hastie <and...@ahastie.net>
Subject Re: Example of using DIGEST-MD5 against MS Active Directory
Date Tue, 31 Dec 2013 14:30:37 GMT
Thanks Kiran - That works perfectly for me now.

I fell over the fact that the implementation class LdapNetworkConnection 
does accept an instance of SaslDigestMd5Request whereas the interface 
class LdapConnection does not. I see this commented in the source[2]:-

// TODO: all the SASL bind methods are not declared in this interface, 
but implemented in LdapNetworkConnection. Is that intended?

[2]
http://svn.apache.org/repos/asf/directory/shared/trunk/ldap/client/api/src/main/java/org/apache/directory/ldap/client/api/LdapConnection.java


On 31/12/13 13:19, Kiran Ayyagari wrote:
> use SaslDigestMd5Request class
>
> take a look at the testSaslDigestMd5Bind() method in this[1] test class
>
> [1]
> http://svn.apache.org/repos/asf/directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/operations/bind/SaslBindIT.java
>
>
> On Tue, Dec 31, 2013 at 6:39 PM, Andrew Hastie<andrew@ahastie.net>  wrote:
>
>> Hi,
>>
>> I'm experimenting with the API in an attempt to authenticate a
>> User+Password combination against an instance of MS ActiveDirectory. I have
>> both LDPA and LDAPS working fine, but when I try and use
>> br.setSaslMechanism("DIGEST-MD5") I get the following trace/response:
>>
>> DEBUG - Bind failed : MessageType : BIND_RESPONSE
>> Message ID : 1
>>      BindResponse
>>          Ldap Result
>>              Result code : (SASL_BIND_IN_PROGRESS) saslBindInProgress
>>
>> Does anyone have an example of the correct usage of the API when using
>> DIGEST-MD5? I assume this should work at the current release of the API as
>> I can specify DIGEST-MD5 (SASL) when configuring a connection in the Apache
>> Directory Studio, along with the Bind User or DN, password and SASL Realm.
>> Which leads me to question how should I specify the "SASL Realm" via the
>> API?
>>
>> Any thoughts or suggestions gratefully received.
>>
>> Thanks
>> Andrew
>>
>>
>
>

Mime
View raw message