directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <ayyagariki...@gmail.com>
Subject Re: Query re: installing custom authenticator
Date Thu, 07 Jan 2010 05:48:50 GMT
hi Richard,

> 
> The essence of the problem that I'm trying to solve is that we use a
> third-party product that can either use its own database for storing
> credentials and user roles OR it can talk to an external provider via its
> built-in LDAP (v3) client.  Company security policy dictates that it must
> utilize the corporate "customer LDAP", but because of the believed need for
> additional controls, this LDAP can be accessed only through a specific
> [java] API.  So, my not-fully-baked idea was that I could set up Apache DS
> and point the 3rd-party product at it, and then add a custom authenticator
> which invoked the supplied API when the bind request was processed by Apache
> DS.

It is certainly possible. Take a look at the various authenticators present under
the package org.apache.directory.server.core.authn

You need to write a custom authenticator and inject it in the server.xml replacing the
<authenticationInterceptor/> tag

<authenticationInterceptor>
   <authenticators>
     <!-- this authenticators property takes Set<Authenticator> -->
     <set>
      <bean id="myAuthenticator" class="my.auth.class.name">
      </bean>
     </set>
   </authenticators>
</authenticationInterceptor>

PS:- am no spring expert so please double check about setting the value of <authenticators>
using spring

HTH

Kiran Ayyagari

Mime
View raw message