directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enrique Rodriguez" <enriqu...@gmail.com>
Subject Re: [ApacheDS] Internal vs. external lookups
Date Wed, 30 May 2007 02:54:22 GMT
On 5/24/07, Enrique Rodriguez <enriquer9@gmail.com> wrote:
> Hi, Directory developers,
> ...
> Is there any way to tell already if a lookup is internal vs. external?
>  Is the InternalAuthenticator a viable option?  The implementation
> would be trivial (I just did the StrongAuthenticator).

I am at a point this week where I need a solution to determining
whether a search or lookup is coming from internal vs. external to the
server.  In my working copy I modified SimpleAuthenticator to support
subclassing.  I now have an InternalAuthenticator, where the
authenticatorType is "internal" and the resulting LdapPrincipals are
of type AuthenticationLevel.INTERNAL and this works fine for me.  I
subclassed SimpleAuthenticator so I could re-use the username/password
support so internal authentication would not be totally wide-open.  I
am still binding with the admin DN.

I need to code more on my use case, but if this works for me then I
would want to commit this and eventually update all the
protocol-providers to use "internal" authentication.

Does this make sense?

Enrique

Mime
View raw message