directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <>
Subject Re: [Ext] Re: [ApacheDS] How to clear cached authentication on change of custom attribute
Date Thu, 07 Dec 2017 18:51:48 GMT

Le 06/12/2017 à 16:53, Isenhour, Justin a écrit :
> My desire was to keep all standard features of the default authenticator, allow it to
run first to perform the standard validations then run my custom validation after.  To do
this I created my custom authentication interceptor which extends AuthenticationInterceptor,
then I updated the list of interceptors and changed the class name for the AuthenticationInterceptor
from the standard class to my custom class.  Attached is the source code for my custom authenticator.
 For now I will try to move the call to super just after I perform my status check and see
if that works but if you have a better solution I would be happy to hear it.  If you have
any other feedback on this custom authenticator (problems I may be causing for myself that
I am not aware of) please let me know as well.

I guess that calling authenticator.invalidateCache( bindContext.getDn()
); *before* calling super.bind(bindContext) should do the trick.

The idea is to remove the DN from the cache, so that the bind operation
is processed fully, instead of being bypassed if the user has already
been bound.

>From the performance point of view, the impact is not necessarily
critical, if you don't have thousand bind/s anyway.

Give it a try, and let me know if it does the job.

Emmanuel Lecharny

View raw message