Hello all
I have a webapp which is currently using LDAP for authenticating our users.
At the moment I am using an LdapAuthenticationProvider along with ldap.authenticator.BindAuthenticator (and a user string, as I can log in anonymously).
I need to move to Active Directory authentication very soon...
The problem I have is that I can't bind anonymously to AD, so I will need to log in.
That would be enough for me, as the only reason I use AD is to authenticate users (roles are stored somewhere else).
I have a few issues here:
I have tried to implement my own BindAuthenticator, which creates a DirContext with the user's credentials, this way:

Code:

    @Override
    public DirContextOperations authenticate(Authentication authentication) {
        try {
            String principal = userPrefix + authentication.getPrincipal();
            String password = (String) authentication.getCredentials();

            // Bind to the directory as the user who is logging in
            Hashtable<String, String> env = new Hashtable<String, String>();
            env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            env.put(Context.PROVIDER_URL, URL);
            env.put(Context.SECURITY_PRINCIPAL, principal);
            env.put(Context.SECURITY_CREDENTIALS, password);
            DirContext context = new InitialDirContext(env);

            // Hand the open context back inside the adapter
            DirContextOperations authAdapter = new DirContextAdapter();
            authAdapter.addAttributeValue("ldapContext", context);
            return authAdapter;
        } catch (Exception e) {
            throw new IllegalArgumentException(e);
        }
    }

The problem I have with the code above (being new to LDAP as well) is that for every authentication I need to create a DirContext.
Will I then run out of connections in LDAP?
Ideally, when a user logs off, I should 'close' the connection to LDAP, is that correct?
But where do I do that if I use my custom LdapAuthenticator? At the end of the DirContext creation?
w/kindest regards
marco


