directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: Extending Authentication for Bind
Date Thu, 21 Feb 2013 16:15:07 GMT
currently we assume(rightly so) that all the users will be in DS, however
providing a method to lookup(which a
custom authenticator can override) user will solve this issue

On Thu, Feb 21, 2013 at 9:38 PM, vamsi krishna <vkrishna.p@gmail.com> wrote:

> I am running a debugger via Eclipse and can see that my authenticator was
> indeed called. After the authenticator has returned the Principal the Code
> is failing in the following line
>
>             userEntry = directoryService.getPartitionNexus().lookup(
> lookupContext );
>
> Since I have custom Constructed the Principal, I am sure My user entry
> cannot be looked up. How do I get around this error? Do I have to now write
> a PartitionInterceptor to simulate Users not present in Ldap?
>
> Thanks,
> Vamsi
>
>
> On Thu, Feb 21, 2013 at 6:30 PM, Emmanuel Lécharny <elecharny@gmail.com
> >wrote:
>
> > Le 2/21/13 1:19 PM, vamsi krishna a écrit :
> > > Hello All,
> > >
> > > I am trying to extend Authentication from ApacheDS. I am trying to
> write
> > a
> > > Custom Authenticator that will
> > >
> > > 1. Take the username and password presented in the Bind, and lookup
> > > Username and Passwords from a backend database (Oracle)
> > > 2. Authenticate the User and Password based on the database values
> > > 3. Accept the Bind.
> > >
> > > So Far, I have been successful in Creating a Custom Authenticator that
> is
> > > able to validate Username and Passwords from my backend Databases.
> > However
> > > once that is done my bind requests are failing with
> > > *[17:31:34] ERROR
> > > [org.apache.directory.server.core.authn.AbstractAuthenticator]*
> > > *- ERR_6 Authentication error : ERR_268 Cannot find a partition for
> > > uid=admin*
> >
> > It's very likely that your authenticator is never actually called.
> >
> > You should add the specific Authenticator to the list of authenticators
> > associated with your authentication level (which can be simple, string
> > or anonymous. In your case, I suggest simple).
> >
> > Are you sure your authenticator is initialized ?
> >
> > --
> > Regards,
> > Cordialement,
> > Emmanuel Lécharny
> > www.iktek.com
> >
> >
>



-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message