directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel L├ęcharny <>
Subject Delegated Authenti cation
Date Wed, 15 May 2013 08:13:49 GMT
Hi guys,

a quick heads up,

I fixed the delegatedAuthentication for basic use cases. We now can have
a remote LDAP server to authenticate a user which is not present
locally, assuming the DelegatedAuthenticator is added in the
authenticator lists.

It's very basic, still.

What remains to be done, and I'm working on it, is to add SSL and
startTLS so that we cna safely authenticate to a remote server. I will
have to add some more parameters (like the TrustManager to use), and
most certainly differentiate SSL from StartTLS.

One more thing to do : determinate when to use the
DelegatedAuthentication depending on the baseDN (ie, when the user is
present locally, we may still want to delegate the authn to a remote
server, and for that, we just expect the authenticator to be called
based on the user DN). This is slaightly more complicated, but it's
definitively doable.

It was a slow week last week, and I was expecting to get it working way
faster, but I had many other things to handle.

Thanks !

Emmanuel L├ęcharny 

View raw message