How to use LDAP adaptor classes?

Scott Battaglia scott.battaglia at gmail.com
Tue Jan 30 00:44:01 EST 2007 

Ray,

Why do you still need to call your custom Authentication Handler?

-Scott

On 1/29/07, t ray <t_ray9505 at yahoo.com> wrote:
>
> Scott,
> Thanks for your response.
> The first link you provided answered most of my question. Also, its great
> to know I need not write any code. I have 2 questions though- Originally, I
> wrote an authentication handler class and placed it under /localPlugins/src
> and then modified deployerConfigContext.xml to refer to my auth handler
> class. That class gets called (authenticate() method actually) when the user
> attempts to login. I am trying to tie this along with using LDAP to
> authenticate. So, basically, I need to configure CAS to use its ldap
> adaptors and authenticate and then return control to my auth handler class
> (authenticate() method) for further processing. Is there a way to do that?
> If there is, once control returns to my auth handler, how do I figure out
> whether authentication using LDAP succeeded or not?
>
> Thanks.
>
> Ray.
>
> ----- Original Message ----
> From: Scott Battaglia <scott.battaglia at gmail.com>
> To: Yale CAS mailing list <cas at tp.its.yale.edu>
> Sent: Sunday, January 28, 2007 11:24:16 AM
> Subject: Re: How to use LDAP adaptor classes?
>
> Ray,
>
> You shouldn't need to write any code as long as the current Ldap*Handlers
> are sufficient to meet your needs.  And you shouldn't need any code to get
> your username/password to the handler.  CAS utilizes the Spring Web module
> which provides "binding" capabilities.  Basically, you supply a domain class
> (in our case a UsernamePasswordCredentials) and Spring Web automatically
> matches Request parameters to properties on your domain class. So a
> parameter of username will be set on the UsernamePasswordCredentials as
> there is a matching username property.
>
> -Scott
>
> On 1/26/07, t ray <t_ray9505 at yahoo.com> wrote:
> >
> >  Thanks Scott. That was useful.
> >
> > I have a question- It appears from all the documentation that I don't
> > really need to write any code at all, just configuration changes in
> > deployerConfigContext.xml are sufficient to get the FastBind adaptor to
> > do the basic authentication against an LDAP server. Is my understanding
> > correct? Related to that, how is the user name and password that the user
> > entered get passed on to the FastBind adaptor in order for authentication to
> > occur? Do I need some code to make that happen? I see a username and
> > password under ContextSource. But that appears to be of the entity thats
> > allowed to query the ldap server. Basically, I am wondering how to pass the
> > username/password that the user typed in to the LDAP server for
> > authentication using FastBind class.
> >
> > Thanks,
> >
> > Ray.
> >
> > PS: I really hope this doesn't turn out to be another thread. I hit
> > reply to the emails I receive and despite that a new thread is created for
> > all my response.
> >
> >  ----- Original Message ----
> > From: Scott Battaglia < scott.battaglia at gmail.com>
> > To: Yale CAS mailing list <cas at tp.its.yale.edu>
> > Sent: Friday, January 26, 2007 6:36:28 AM
> > Subject: Re: How to use LDAP adaptor classes?
> >
> > These resources may help you:
> >
> > http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html
> >
> > http://developer.ja-sig.org/projects/cas/multiproject/cas-server-ldap/apidocs/index.html
> > http://developer.ja-sig.org/test/cas.html#ldap
> >
> > Note that they are slightly out of date as they refer to the
> > LdapTemplate project instead of the Spring LDAP project (we're working on
> > updating this).  The Spring LDAP Javadocs can be found here:
> > http://www.springframework.org/ldap
> >
> > -Scott
> >
> > On 1/26/07, t ray < t_ray9505 at yahoo.com > wrote:
> > >
> > >  Digging a bit more, I found this-
> > >
> > > http://developer.ja-sig.org/source/viewrep/jasig/cas3/adaptors/ldap/src/main/resources/deployerConfigContext.xml?r=1.1
> > >
> > > It is a deployerConfigContext.xml file that uses
> > > BindLdapAuthenticationHandler. Can someone tell me if using
> > > FastBindLdapAuthenticationHandler is similar, meaning, can I just replace
> > > BindLdapAuthenticationHandler with FastBindLdapAuthenticationHandler? Also,
> > > can someone point me to some description of the various properties that are
> > > allowed? Most of them in the link above seem straight forward. I am not sure
> > > about "authenticatedReadOnly" (what does it mean?) and those under
> > > baseEnvironmentProperties. Specifically, where the protocol is marked "ssl",
> > > does it mean that ssl is being used to communicate with Active Directory or
> > > is the password still being sent in clear text?
> > > For those wishing to use AD purely for authentication purposes and not
> > > for some reason interested in the fastbind adaptor, you may also find the
> > > following interesting-
> > >
> > > http://forum.java.sun.com/thread.jspa?threadID=726601&tstart=0
> > >
> > > Thanks,
> > >
> > > Ray.
> > >
> > >  ----- Original Message ----
> > > From: t ray < t_ray9505 at yahoo.com>
> > > To: CAS Mailing List < cas at tp.its.yale.edu>
> > > Sent: Thursday, January 25, 2007 4:32:32 PM
> > > Subject: How to use LDAP adaptor classes?
> > >
> > >  I wish to authenticate by querying an Active Directory server. I have
> > > modified deployerConfigContext.xml and have replaced the SimpleTest
> > > authenticator with my own. However, I am not sure how to use the LDAP
> > > adaptor classes that seem to be provided in the adaptors/ldap directory. I
> > > assume these classes help in connecting to a LDAP server and querying it.
> > > Could someone point me to some references/resources that describe how to use
> > > these adaptor classes/how to connect to a LDAP server?
> > >
> > > Thanks.
> > >
> > > Ray.
> > >
> > > ------------------------------
> > > Bored stiff?<http://us.rd.yahoo.com/evt=49935/*http://games.yahoo.com>Loosen up...
> > > Download and play hundreds of games for free<http://us.rd.yahoo.com/evt=49935/*http://games.yahoo.com>on Yahoo! Games.
> > > _______________________________________________
> > > Yale CAS mailing list
> > > cas at tp.its.yale.edu
> > > http://tp.its.yale.edu/mailman/listinfo/cas
> > >
> > >
> > > ------------------------------
> > > Get your own web address.<http://us.rd.yahoo.com/evt=49678/*http://smallbusiness.yahoo.com/domains/?p=BESTDEAL>
> > > Have a HUGE year through Yahoo! Small Business.
> > >
> > > _______________________________________________
> > > Yale CAS mailing list
> > > cas at tp.its.yale.edu
> > > http://tp.its.yale.edu/mailman/listinfo/cas
> > >
> > >
> > >
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
> > ------------------------------
> > It's here! Your new message!
> > Get new email alerts<http://us.rd.yahoo.com/evt=49938/*http://tools.search.yahoo.com/toolbar/features/mail/>with the free Yahoo!
> > Toolbar.
> >
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
> >
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
> ------------------------------
> Have a burning question? Go to Yahoo! Answers<http://answers.yahoo.com/;_ylc=X3oDMTFvbGNhMGE3BF9TAzM5NjU0NTEwOARfcwMzOTY1NDUxMDMEc2VjA21haWxfdGFnbGluZQRzbGsDbWFpbF90YWcx>and get answers from real people who know.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070130/1bf68f75/attachment.html

More information about the cas mailing list