directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vamsi krishna <vkrishn...@gmail.com>
Subject Re: Extending Authentication for Bind
Date Thu, 21 Feb 2013 16:08:09 GMT
I am running a debugger via Eclipse and can see that my authenticator was
indeed called. After the authenticator has returned the Principal the Code
is failing in the following line

            userEntry = directoryService.getPartitionNexus().lookup(
lookupContext );

Since I have custom Constructed the Principal, I am sure My user entry
cannot be looked up. How do I get around this error? Do I have to now write
a PartitionInterceptor to simulate Users not present in Ldap?

Thanks,
Vamsi


On Thu, Feb 21, 2013 at 6:30 PM, Emmanuel Lécharny <elecharny@gmail.com>wrote:

> Le 2/21/13 1:19 PM, vamsi krishna a écrit :
> > Hello All,
> >
> > I am trying to extend Authentication from ApacheDS. I am trying to write
> a
> > Custom Authenticator that will
> >
> > 1. Take the username and password presented in the Bind, and lookup
> > Username and Passwords from a backend database (Oracle)
> > 2. Authenticate the User and Password based on the database values
> > 3. Accept the Bind.
> >
> > So Far, I have been successful in Creating a Custom Authenticator that is
> > able to validate Username and Passwords from my backend Databases.
> However
> > once that is done my bind requests are failing with
> > *[17:31:34] ERROR
> > [org.apache.directory.server.core.authn.AbstractAuthenticator]*
> > *- ERR_6 Authentication error : ERR_268 Cannot find a partition for
> > uid=admin*
>
> It's very likely that your authenticator is never actually called.
>
> You should add the specific Authenticator to the list of authenticators
> associated with your authentication level (which can be simple, string
> or anonymous. In your case, I suggest simple).
>
> Are you sure your authenticator is initialized ?
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message