geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron Mulder <ammul...@alumni.princeton.edu>
Subject Re: Who understands the LDAP login module?
Date Sun, 20 Nov 2005 19:36:33 GMT
Well, that's a start, but it doesn't actually explain what any of the
LDAP login module options are -- it only tells you what to set them to
if you want to connect to the sample.  I'd like to come up with a
meaningful text description of each option:

initialContextFactory
connectionURL
connectionUsername
connectionPassword
connectionProtocol
authentication
userBase
userSearchMatching
userSearchSubtree
roleBase
roleName
roleSearchMatching
roleSearchSubtree
userRoleName

I have a vague idea of some of them from hacking around with this kind
of stuff before -- but for the most part, I probably coun't explain it
well.  But even for nominally straightforward ones like connect
username and password -- does the provided account need to be an LDAP
administrator?  Do I understand right that the realm will attempt to
bind to LDAP as the user to verify their password?  If so, why do you
need the admin account and search params, why not just connect as the
user and if it works look up their groups?

Thanks,
   Aaron

On 11/20/05, Jeff Genender <jgenender@apache.org> wrote:
> Looks like Hernan put together a really nice tutorial on Geronimo with
> the LDAp login module and Apache Directory.
>
> http://opensource2.atlassian.com/confluence/oss/display/GERONIMO/Configuring+LDAP
>
> Aaron Mulder wrote:
> > It has like 14 parameters -- if I could get some help figuring out
> > what all of those mean, and maybe some samples for hooking it up to
> > OpenLDAP, Sun LDAP, and Active Directory LDAP, that would be
> > outstanding.
> >
> > Thanks,
> >     Aaron
> >
> > http://svn.apache.org/viewcvs.cgi/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/LDAPLoginModule.java?rev=345629&view=markup
>

Mime
View raw message