shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From iyya <kango...@gmail.com>
Subject Question on ldap authentication using shiro
Date Thu, 06 Oct 2011 22:06:11 GMT
Hi

I am implementing Shiro security in our application. I have the below
entries in shiro.ini

/[main]
ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm
ldapRealm.userDnTemplate = uid={0},ou=users,dc=mycompany,dc=com
ldapRealm.contextFactory.url = ldaps://ldap url:port
ldapRealm.contextFactory.systemUsername = cn=acc
ldapRealm.contextFactory.systemPassword=password/

It never connects or gives connection exceptions. Enabled debug logging for
shiro packages. But nothing logged. Is something wrong with the above
configuration? Is 'ldaps:' need any ssl configuration?

I have java code as - 
/public void login(String username, String password) {
	UsernamePasswordToken token;
	token = new UsernamePasswordToken(username, password);
	token.setRememberMe(true);
	Subject currentUser = SecurityUtils.getSubject();
	currentUser.login(token);
}/

Is this enough or do i have to implement a custom realm class and its
methods like getAuthenticationInfo()? From the document I understood that it
is invoked by default.


Please note this ldap authentication works fine through spring security as
below -

springsecurity.ldap.authorities.groupSearchBase = 'ou=Groups, o=myCompany'
springsecurity.ldap.search.base = 'o=myCompany'
springsecurity.ldap.context.server = 'ldaps://ldap url:port'
springsecurity.ldap.search.filter = '(uid={0})'
springsecurity.ldap.authorities.groupSearchFilter = 'uniqueMember={0}'
springsecurity.ldap.context.referral = 'follow'
springsecurity.ldap.context.managerDn = 'cn=acc,ou=users'
springsecurity.ldap.context.managerPassword = 'password'


Am i missing setting up of these /search.base and groupSearchBase/, if so
how to do that?

Please show me some samples. Thanks!


--
View this message in context: http://shiro-user.582556.n2.nabble.com/Question-on-ldap-authentication-using-shiro-tp6867533p6867533.html
Sent from the Shiro User mailing list archive at Nabble.com.

Mime
View raw message