directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Scott <gr8da...@gmail.com>
Subject Re: Query re: installing custom authenticator
Date Sat, 09 Jan 2010 16:32:10 GMT
Thanks, Kiran.  (I have heretofore largely avoid spring as well ;~)

On Wed, Jan 6, 2010 at 11:48 PM, Kiran Ayyagari <ayyagarikiran@gmail.com>wrote:

> hi Richard,
>
>
>
>> The essence of the problem that I'm trying to solve is that we use a
>> third-party product that can either use its own database for storing
>> credentials and user roles OR it can talk to an external provider via its
>> built-in LDAP (v3) client.  Company security policy dictates that it must
>> utilize the corporate "customer LDAP", but because of the believed need
>> for
>> additional controls, this LDAP can be accessed only through a specific
>> [java] API.  So, my not-fully-baked idea was that I could set up Apache DS
>> and point the 3rd-party product at it, and then add a custom authenticator
>> which invoked the supplied API when the bind request was processed by
>> Apache
>> DS.
>>
>
> It is certainly possible. Take a look at the various authenticators present
> under
> the package org.apache.directory.server.core.authn
>
> You need to write a custom authenticator and inject it in the server.xml
> replacing the
> <authenticationInterceptor/> tag
>
> <authenticationInterceptor>
>  <authenticators>
>    <!-- this authenticators property takes Set<Authenticator> -->
>    <set>
>     <bean id="myAuthenticator" class="my.auth.class.name">
>     </bean>
>    </set>
>  </authenticators>
> </authenticationInterceptor>
>
> PS:- am no spring expert so please double check about setting the value of
> <authenticators> using spring
>
> HTH
>
> Kiran Ayyagari
>



-- 
Outside of a dog, a book is man's best friend; inside of a dog, it's too
dark to read - Mark Twain

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message