From users-return-4946-apmail-directory-users-archive=directory.apache.org@directory.apache.org Tue Dec 11 18:51:15 2012 Return-Path: X-Original-To: apmail-directory-users-archive@www.apache.org Delivered-To: apmail-directory-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2E3A1D683 for ; Tue, 11 Dec 2012 18:51:15 +0000 (UTC) Received: (qmail 86245 invoked by uid 500); 11 Dec 2012 18:51:15 -0000 Delivered-To: apmail-directory-users-archive@directory.apache.org Received: (qmail 86226 invoked by uid 500); 11 Dec 2012 18:51:14 -0000 Mailing-List: contact users-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@directory.apache.org Delivered-To: mailing list users@directory.apache.org Received: (qmail 86215 invoked by uid 99); 11 Dec 2012 18:51:14 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Dec 2012 18:51:14 +0000 X-ASF-Spam-Status: No, hits=-5.0 required=5.0 tests=RCVD_IN_DNSWL_HI,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of wzhang@visa.com designates 198.241.159.4 as permitted sender) Received: from [198.241.159.4] (HELO visa.com) (198.241.159.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Dec 2012 18:51:10 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=visa.com; s=portal4; t=1355251849; x=1670597476; q=dns/txt; h=From:Subject: Date:Message-ID:Content-Language:Content-Type: Content-Transfer-Encoding; bh=ff9G5mlsgYewaXc2VTfysu2DDLP4oo9wUb 1G0jw5lY0=; b=F+/VPbsA1vQ/QU7AUn2Wl2gLw8DPhRB04ygjrhES33Aqf3QA69 VIeFXu3dF7YvJKLx7NX5oJQjX/XZPDH1QDysdS0CQSkTN8IGhiVGk7X64RqtKqr7 D+flKNAOwwE1k8gqZ/IZQlw5VD/P5iO8/0bozxKfpo9nU9xBlUD+8auNA= From: "Zhang, Wayne" To: "users@directory.apache.org" Subject: RE: Any doc about how to use ApacheDS as a proxy Thread-Topic: Any doc about how to use ApacheDS as a proxy Thread-Index: Ac3XCAkEzZw/TyPyR4G7aMY9urBNrAAVrw8AABABcQD//4jAgIAAhMhQgAA+cgD//+mH0A== Date: Tue, 11 Dec 2012 18:50:46 +0000 Message-ID: <7BB4D39DFB30804EA72E4FE704A531F8044D37@SW720MBPX060.visa.com> References: <7BB4D39DFB30804EA72E4FE704A531F8043A86@SW720MBPX060.visa.com> <7BB4D39DFB30804EA72E4FE704A531F8043B1F@SW720MBPX060.visa.com> <7BB4D39DFB30804EA72E4FE704A531F8043B43@SW720MBPX060.visa.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.172.96.83] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org I am following your advice to use 2.0M8. But it seems that you do not have= one for Solaris platform. Is that really the case?=20 I will have to get all the source and build it on Solaris? Has anyone done = that before? I know it is in Java but sometime, depending on the internal, = we still need to do some porting before it can be fully compatible with a n= ew platform, right? Thanks. Wayne -----Original Message----- From: ayyagarikiran@gmail.com [mailto:ayyagarikiran@gmail.com] On Behalf Of= Kiran Ayyagari Sent: Tuesday, December 11, 2012 1:27 AM To: users@directory.apache.org Subject: Re: Any doc about how to use ApacheDS as a proxy On Tue, Dec 11, 2012 at 3:32 AM, Zhang, Wayne wrote: > Thank you. > > About the version, we might need to stay with 1.5.8 since it is=20 > sometime just mentality. But not me, it is my above. We need to take=20 > very stable one rather than "largely stable". > > AFAIU you are not going to store any data in the ApacheDS so it=20 > actually doesn't matter much about the version you use. and using the new version actually makes it easier to implement your proxy = interceptor with the client API [1] > So, for 1.5.8, do you think you can give me any hints of example code=20 > or document to show me how to configure it so that the backend is a=20 > 3rd party LDAP server rather than ApacheDS? > > the only way is to write a custom interceptor to delegate all the operations to be performed on the other server. You can use the client API to connect to the other server from the new inte= rceptor > I guess the trick might be the > "#directoryService" configured=20 > for a "ldapServer" in the server.xml. It looks like that is the=20 > "backend". But I cannot find any guide on how to configure a=20 > "directoryService" for a 3rd party LDAP server. > > no, this is an essential part of the server and as mentioned above you need to write a custom interceptor [1] http://directory.apache.org/api/java-api.html > Any hints? > > Thanks. > > Wayne > > -----Original Message----- > From: ayyagarikiran@gmail.com [mailto:ayyagarikiran@gmail.com] On=20 > Behalf Of Kiran Ayyagari > Sent: Monday, December 10, 2012 1:49 PM > To: users@directory.apache.org > Subject: Re: Any doc about how to use ApacheDS as a proxy > > On Tue, Dec 11, 2012 at 3:13 AM, Zhang, Wayne wrote: > > > I really appreciate your response. > > > > you are welcome, anytime > > > I did add a new interceptor and I was able to intercept (actually "bind= " > > was the one fitting my need since I need the passwd) it. I could get=20 > > all the information and change information. > > > > But what I need is to make it flow through and eventually goes to=20 > > another LDAP server for the final processing. > > > > I am using 1.5.8 version and could not see the " > > DelegatingAuthenticator.java" you mentioned. It seems that is in 2.0. > > But I want to use a stable version and did not go 2.0. Will this=20 > > still be doable in 1.5.8? > > > > yes, it is still doable, however I would suggest you use the latest > version, note that things are largely stabilized in 2.0 so not much=20 > disruption and the latest is much much better than earlier versions.=20 > Feel free to ping us anytime And otoh, with Studio's new capabilities=20 > configuring the 2.0 server is going to be a very very smooth. > > In either case just contact us if you need anything with version >=3D=20 > 1.5.7 > > > Thanks. > > > > Wayne > > > > > > -----Original Message----- > > From: ayyagarikiran@gmail.com [mailto:ayyagarikiran@gmail.com] On=20 > > Behalf Of Kiran Ayyagari > > Sent: Monday, December 10, 2012 1:17 PM > > To: users@directory.apache.org > > Subject: Re: Any doc about how to use ApacheDS as a proxy > > > > you can add a new intereceptor > > take a look at the existing intereceptors and the=20 > > DelegatingAuthenticator.java class in apacheds/interceptors/authn=20 > > module to see how to perform delegated authentication > > > > On Tue, Dec 11, 2012 at 12:26 AM, Zhang, Wayne wrote: > > > > > I would like to use ApacheDS as a proxy so that I can intercept=20 > > > lookup and make some changes. Then I would like to forward it to=20 > > > another LDAP > > server. > > > How can I configure it that way? I could not find any hints on=20 > > > separating the frontend from the backend and use another LDAP=20 > > > server as > > the backend. > > > > > > Thanks. > > > > > > Wayne > > > > > > > > > > > -- > > Kiran Ayyagari > > http://keydap.com > > > > > > -- > Kiran Ayyagari > http://keydap.com > -- Kiran Ayyagari http://keydap.com