geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron Mulder <ammul...@alumni.princeton.edu>
Subject Re: How to connect to LDAP server on Geronimo from an LDAP client?
Date Wed, 25 Jan 2006 17:16:20 GMT
I don't know much about LDAP, but...  Is password hashing part of the
standard?  Is there some way for our LDAP realm to figure out whether
the server expects a password in plain text or MD5 or SHA?  I know we
can send the hashed password, it's just a question of figuring out
which password method the LDAP server is expecting.  If nothing else,
we could add a configuration option for the password hashing
mechanism, but I would hope we could tell from the server's initial
challenge or something.

Thanks,
    Aaron

On 1/25/06, Phani Madgula <phanibalaji.madgula@gmail.com> wrote:
> Hi Hernan,
>
> I am using AG1.0. I tried with other LDAP clients.
> I observed that, some clients store passwords in SHA, by deafult.
> The authentication is failing in either case [MD5 or SHA]
>
> Thanks
> phani
>
>
>
> On 1/25/06, Hernan Cunico <hcunico@gmail.com> wrote:
> > Hi Phani,
> > So far I am only getting this error while using Jxplorer. What other
> > client have you tried?
> >
> > Cheers!
> > Hernan
> >
> > Hernan Cunico wrote:
> > >
> > >> Hi Phani,
> > >> sorry for the delay in the reply. I am having some issues too while
> > >> validating the user.
> > >> Maybe you arlready replied this in a previous note but, what version
> > >> of Geronimo are you using?
> > >>
> > >> Cheers!
> > >> Hernan
> > >>
> > >> Phani Madgula wrote:
> > >>
> > >>> Hi Hernan,
> > >>>
> > >>> Thanks for the link. It is quite helpful & informative.
> > >>>
> > >>> I did similar operations, as specified in my previous mail, by
> > >>> deploying the sample application given in the article.  I added a new
> > >>> user user3/pass123 in "ou=users, ou=system" in Directory server, and
> > >>> in geronimo-web.xml I added the user3 in role mappings
> > >>>
> > >>>      <role-mappings>
> > >>>             <role role-name="content-administrator">
> > >>>                             <realm realm-name="ldap-realm">
> > >>>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
> > >>>
> > >>>               name="admin" designated-run-as="true"/>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> > >>>
> > >>>               name="system"/>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> > >>>
> > >>>               name="user3"/>
> > >>>                               </realm>
> > >>>                      </role>
> > >>>
> > >>>              <role role-name="guest">
> > >>>                 <realm realm-name="ldap-realm">
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal
> > >>> "
> > >>>                   name="guest" designated-run-as="true"/>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> > >>>
> > >>>                  name="user1"/>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> > >>>
> > >>>                   name="user2"/>
> > >>>                 </realm>
> > >>>             </role>
> > >>>
> > >>>         </role-mappings>
> > >>>
> > >>> I used Jxplorer LDAP client to create the new user users3. When I
> > >>> provide password in PLAIN format which uses BASE64 encoding through
> > >>> LDAP client, the application is authenticating successfully. When I
> > >>> store it in MD5, the authentication is failing for user3.
> > >>>
> > >>> Any issue while using MD5 ?
> > >>>
> > >>> thanks
> > >>> phani
> > >>>
> > >>> On 1/21/06, *Hernan Cunico* <hcunico@gmail.com
> > >>> <mailto: hcunico@gmail.com> > wrote:
> > >>>
> > >>>     Hi Phani,
> > >>>     Here is an article that may help you configure LDAP
> > >>>
> > >>>
> > >>>
> http://opensource2.atlassian.com/confluence/oss/display/GERONIMO/Configuring+LDAP
> > >>>
> > >>>
> > >>>     Cheers!
> > >>>     Hernan
> > >>>
> > >>>     Phani Madgula wrote:
> > >>>      > Hi
> > >>>      >
> > >>>      > I am facing a problem while connecting to LDAP server from
an
> > >>>     LDAP client.
> > >>>      > I have installed Softerra LDAP browser and tried to connect
to
> > >>> LDAP
> > >>>      > server running on Geronimo.
> > >>>      >
> > >>>      > I always get "Can not connect to the LDAP server : ERROR
91".
> > >>>      >
> > >>>      > Any solution?
> > >>>      >
> > >>>      > thanks
> > >>>      > phani
> > >>>
> > >>>
> > >>
> > >
> >
>
>

Mime
View raw message