From users-return-1743-apmail-directory-users-archive=directory.apache.org@directory.apache.org Tue Sep 02 16:13:08 2008 Return-Path: Delivered-To: apmail-directory-users-archive@www.apache.org Received: (qmail 55987 invoked from network); 2 Sep 2008 16:13:08 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 2 Sep 2008 16:13:08 -0000 Received: (qmail 31724 invoked by uid 500); 2 Sep 2008 16:13:06 -0000 Delivered-To: apmail-directory-users-archive@directory.apache.org Received: (qmail 31695 invoked by uid 500); 2 Sep 2008 16:13:06 -0000 Mailing-List: contact users-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@directory.apache.org Delivered-To: mailing list users@directory.apache.org Received: (qmail 31684 invoked by uid 99); 2 Sep 2008 16:13:06 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 02 Sep 2008 09:13:06 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of elecharny@gmail.com designates 216.239.58.184 as permitted sender) Received: from [216.239.58.184] (HELO gv-out-0910.google.com) (216.239.58.184) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 02 Sep 2008 16:12:05 +0000 Received: by gv-out-0910.google.com with SMTP id l14so80621gvf.19 for ; Tue, 02 Sep 2008 09:12:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=oO/djNnCFmZ1TMnsPRj0SLKvnoW+0t7IZdZFZAed9rk=; b=WHT6an9hKX4k0miOPI9PfDV6zXP7t+pZqctugb2zQtbYyfUIm4Ap1UHtTDqfTnRUMN x33V0D1qrJEpQD2+zvY2RkzvwPn2mRHOc7w7sPmTOdewrzY2FmsHOrpWINqqFyeoIpWE ksEEbKEwq97uaB6fHCmQTJtcemUvYOFPW8gN4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:user-agent:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; b=RlouZj8HPcDu53j0b7nYQALnv5ZKvmJJEpRu7Zac8D8iYJbhg6kGsZVATS0v5QUjhD ZHAPPwtwbvhOFuhiW5pIBkNAxI/2TZj2V7LWV0J9u6Mfc5I6Nhf8cfNyfDvh9KZcIr5g 9it2WYqUuwSmEsayS6ZuO2ydWq+/P0axFP+ys= Received: by 10.103.244.10 with SMTP id w10mr5450788mur.67.1220371954324; Tue, 02 Sep 2008 09:12:34 -0700 (PDT) Received: from ?192.168.0.11? ( [78.226.4.211]) by mx.google.com with ESMTPS id j9sm38449746mue.3.2008.09.02.09.12.32 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 02 Sep 2008 09:12:33 -0700 (PDT) Message-ID: <48BD65EF.2020603@gmail.com> Date: Tue, 02 Sep 2008 18:12:31 +0200 From: Emmanuel Lecharny Reply-To: elecharny@nextury.com User-Agent: Thunderbird 2.0.0.16 (X11/20080724) MIME-Version: 1.0 To: users@directory.apache.org Subject: Re: custom authenticator - server.xml (v 1.5.3) References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked by ClamAV on apache.org Thomas.Frankewitsch@ukmuenster.de wrote: > Greetings, > Hi, > in Feb. 2007 Tim Quinn asked for the syntax used in server.xml to integrate a custom authenticator, but he referred to v1.01. > In former time apacheds.conf was used, but I wasn't able to g**gle an adaequate solution for the current version within the last 2 weeks. > > Even in digging in the source code of v.1.5.4 there was no hint... > > Background: We use in our department a directory service, which was "self made" and which does not support LDAP. Integrating a custom authenticator might be the solution to teach our ancient service standard behavour. > Currently, you will have to add some code in the server to support your custom authentication. And you will have to inject this code in the server. It's not _yet_ plugable, but will be soon. The place to look at is the protocol-ldap subproject, where you have a BindHandler with 5 different authenticator mechanisms, out of which the NTLM ones may be the closest implementation to what you want to do. Hope it helps ... -- -- cordialement, regards, Emmanuel Lécharny www.iktek.com directory.apache.org