manifoldcf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Karl Wright (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CONNECTORS-1131) Ldap authentication for the administration console
Date Sun, 28 Jun 2015 20:38:04 GMT

    [ https://issues.apache.org/jira/browse/CONNECTORS-1131?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14604899#comment-14604899
] 

Karl Wright commented on CONNECTORS-1131:
-----------------------------------------

You should get an error code, yes -- SC_UNAUTHORIZED.

This is how it is supposed to work.  The following accesses the credentials you have defined:

{code}
          apiLoginUserName = LockManagerFactory.getStringProperty(threadContext,apiLoginUserNameProperty,"");
          apiLoginPassword = LockManagerFactory.getPossiblyObfuscatedStringProperty(threadContext,apiLoginPasswordProperty,"");
{code}

The api login password therefore must be obfuscated.  That's one thing you are doing wrong.
 The verification code looks like this:

{code}
  /** Verify API login.
  */
  public static boolean verifyAPILogin(IThreadContext threadContext, String userID, String
userPassword)
    throws ManifoldCFException
  {
    if (userID != null && userPassword != null)
    {
      return userID.equals(apiLoginUserName) &&  userPassword.equals(apiLoginPassword);
    }
    return false;
  }
{code}

The credentials are established via a login REST api call using the same session.  The cookie
is not persistent, so I would expect shutting down MCF and starting it again would lose the
login state.  If not logged in, MCF tries to log you in using user="" password="".  Of course
this will fail if you've set credentials differently from those.

I vaguely recall writing a test for this but I can't remember where it is.  It's one of the
connector integration tests, though, or in pull-agent.

So I think it's probable that after setting the parameter values you specified, you didn't
actually restart MCF?

> Ldap authentication for the administration console
> --------------------------------------------------
>
>                 Key: CONNECTORS-1131
>                 URL: https://issues.apache.org/jira/browse/CONNECTORS-1131
>             Project: ManifoldCF
>          Issue Type: Wish
>            Reporter: colin
>            Assignee: Karl Wright
>             Fix For: ManifoldCF 1.10, ManifoldCF 2.2
>
>         Attachments: AdminProfile.java, LdapAuthenticator.java
>
>
> Hi Guys,
> Could more options be added for authenticating to the MCF administration ui?
> The username / password can be set in the properties.xml but it would make it easier
for enterprise integration if ldap was supported.
> Thanks,
> Colin



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message