directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <>
Subject [jira] [Resolved] (DIRSERVER-1815) Configuring custom authenticator for ApacheDS 2.0.0-M11
Date Wed, 08 May 2013 12:31:16 GMT


Emmanuel Lecharny resolved DIRSERVER-1815.

    Resolution: Fixed
> Configuring custom authenticator for ApacheDS 2.0.0-M11
> -------------------------------------------------------
>                 Key: DIRSERVER-1815
>                 URL:
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.0.0-M11
>         Environment: Java 6u33
>            Reporter: Denis Mikhalkin
> I'm written a custom authenticator (
and configured it at "ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config".
I can see that my class is getting loaded (constructor invoked), however its authenticate
method never gets called.
> After digging through the source code I found the following suspicious sequence of actions:
> - The DirectoryService is getting created by createDirectoryService in ServiceBuilder
> - That calls createInterceptors() which creates the AuthenticationInterceptor. It reads
the properties and creates my authenticator class
> - It then calls setAuthenticators with the array of authenticators which then calls register
for each one of them
> - Register calls init however the directoryService is null (?!?) [1]
> 	  at
> 	  at
> 	  at
> 	  at
> 	  at
> 	  at
> 	  at
> 	  at
> Later, there is a call to DefaultDirectoryService.initialize which calls Authenticator.init
on each Authenticator again. However, my class does not get invoked.
> What happens is that DefaultDirectoryService.initialize eventually gets to AuthenticationInterceptor,
which reads the list of authenticators from the authenticators field. This field gets populated
in setDefaultAuthenticators, but does not get updated since then. In the end, even though
custom authenticators are initialized, only the default authenticators are registered with
the interceptor [2].
> I'm puzzled by the behavior [1] however the most critical one is [2]. Because of it I
can't seem to be able to have my authenticator get invoked during authentication.
> I've done a manual quick fix by adding the update of the AuthenticationInterceptor.authenticators
set during the AuthenticationInterceptor.register method and it seems to have fixed the issue.
Not sure whether this is the right fix. May be I'm not configuring my authenticator correctly?
The user guide does not seem to talk abut custom authenticators anymore...
> AuthenticationInterceptor:
>     private void register( Authenticator authenticator, DirectoryService directoryService
) throws LdapException
>     {
>         authenticator.init( directoryService );
>         Collection<Authenticator> authenticatorList = getAuthenticators( authenticator.getAuthenticatorType()
>         if ( authenticatorList == null )
>         {
>             authenticatorList = new ArrayList<Authenticator>();
>             authenticatorsMapByType.put( authenticator.getAuthenticatorType(), authenticatorList
>         }
>         authenticatorList.add( authenticator );
> +        authenticators.add( authenticator );
>     }

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message