directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antoine Levy-Lambert <anto...@gmx.de>
Subject Re: Passthrough authentication with Apache Directory Server
Date Thu, 18 Nov 2010 15:47:22 GMT
Thanks Steven,

Antoine

On 11/17/10 3:03 PM, Hammond, Steven wrote:
> I cannot contribute the code, but I can describe the basic use
>
> When initializing the ApacheDS server, which we did in code, not in a config file:
>       NtlmMechanismHandler ntlmMechanismHandler = new NtlmMechanismHandler();
>       ntlmMechanismHandler.setNtlmProvider(new JcifsNtlmProvider());
>
>       ldapServer.removeSaslMechanismHandler(SupportedSaslMechanisms.NTLM);
>       ldapServer.addSaslMechanismHandler(SupportedSaslMechanisms.NTLM, ntlmMechanismHandler);
>       ldapServer.removeSaslMechanismHandler(SupportedSaslMechanisms.GSS_SPNEGO);
>       ldapServer.addSaslMechanismHandler(SupportedSaslMechanisms.GSS_SPNEGO, ntlmMechanismHandler);
>
>
> Then in generateChallenge we created a Type2Message message from the type1 bytes using
JCIFS
> Getting the serverNonce from code like http://www.jarvana.com/jarvana/view/com/liferay/portal/portal-impl/6.0.3/portal-impl-6.0.3-sources.jar!/com/liferay/portal/security/ntlm/NetlogonConnection.java?format=ok

>
> Then authenticate uses code similar the logon function in http://www.jarvana.com/jarvana/view/com/liferay/portal/portal-impl/6.0.2/portal-impl-6.0.2-sources.jar!/com/liferay/portal/security/ntlm/Netlogon.java?format=ok

>
> -----Original Message-----
> From: Antoine Levy-Lambert [mailto:antoine@gmx.de] 
> Sent: Friday, November 12, 2010 6:17 AM
> To: users@directory.apache.org
> Subject: Re: Passthrough authentication with Apache Directory Server
>
>   Hi,
>
> I would also be interested to see (and reuse) this code.
>
> Regards,
>
> Antoine
>
> On 11/12/2010 4:44 AM, Kiran Ayyagari wrote:
>> hi Steven,
>>
>> On Fri, Nov 12, 2010 at 10:24 AM, Hammond, Steven
>> <Steven.Hammond@polycom.com>  wrote:
>>> It is kindof implemented.  We are using it with 1.5.3, but we had to write our
own JcifsNtlmInterceptor
>> Is there any chance that you (with your organization) would consider
>> to contribute this code to ApacheDS?
>>
>> Kiran Ayyagari


Mime
View raw message