JNDI authentication (cross-post w/ Omni)
- Subject: JNDI authentication (cross-post w/ Omni)
- From: Josh Paul <email@hidden>
- Date: Fri, 2 Jul 2004 11:07:14 -0700
(I sent this yesterday, but I didn't see it post)
I am attempting to create a login panel which authenticates users using
Open Directory and JNDI. I've used the following to determine what
authentication method to use:
    import javax.naming.directory.Attributes;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;

    try {
        // Create initial context
        DirContext ctx = new InitialDirContext();
        // Read supportedSASLMechanisms from root DSE
        Attributes attrs = ctx.getAttributes("ldap://newton.local.:389",
            new String[]{"supportedSASLMechanisms"});
        System.out.println(attrs);
        // Close the context when we're done
        ctx.close();
    } catch (Exception e) {
        e.printStackTrace();
    }
which reports back "{supportedsaslmechanisms=supportedSASLMechanisms:
CRAM-MD5}". So, I assume CRAM-MD5 should be used.
Then I:
    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;

    try {
        // Set up environment for creating initial context
        Hashtable env = new Hashtable(11);
        env.put(Context.INITIAL_CONTEXT_FACTORY,
            "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://newton.local.:389");
        // Authenticate
        env.put(Context.SECURITY_AUTHENTICATION, "CRAM-MD5");
        // yes, the 'cn=' etc. are being set...
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, password);
        // Create initial context
        DirContext ctx = new InitialDirContext(env);
        ctx.close();
        isValid = true;
    } catch (Exception e) {
        e.printStackTrace();
        isValid = false;
    }
which results in:
    javax.naming.AuthenticationNotSupportedException: CRAM-MD5
        at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(LdapSasl.java:108)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:324)
        at com.sun.jndi.ldap.LdapClient.saslBind(LdapClient.java:399)
        at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:215)
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2640)
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:290)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:662)
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)
        at javax.naming.InitialContext.init(InitialContext.java:219)
        at javax.naming.InitialContext.<init>(InitialContext.java:195)
        at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:80)
        at Main.submit(Main.java:62)
I've looked around for a CRAM-MD5 Java implementation, but I haven't
been able to find one. I've tried connecting using "simple" and running
the password through MD5, but I didn't have any luck. I'm now looking
for some help.
I am attempting to connect to an Xserve running 10.3.4 from a client
running 10.3.4, WO 5.2.3 and Java 1.4.2.
Has anyone managed to authenticate users against Open Directory using
JNDI? How?
TIA.
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.
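
For reference, an added example (not part of the original post and not Open Directory's or the JDK's own code) of the CRAM-MD5 exchange as defined in RFC 2195: the client answers the server's challenge with the user name and a hex HMAC-MD5 of that challenge keyed with the password, and the server recomputes and compares it. The class and method names are assumptions made for illustration; the user, password and challenge are the sample values from the RFC.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class CramMd5Demo {

    // Lower-case hex, the digest encoding RFC 2195 specifies.
    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) sb.append(String.format("%02x", b & 0xff));
        return sb.toString();
    }

    // Client side: "<user> <hex(HMAC-MD5(key = password, data = challenge))>".
    static String clientResponse(String user, String password, String challenge)
            throws Exception {
        Mac mac = Mac.getInstance("HmacMD5");
        mac.init(new SecretKeySpec(password.getBytes(StandardCharsets.UTF_8), "HmacMD5"));
        return user + " " + hex(mac.doFinal(challenge.getBytes(StandardCharsets.UTF_8)));
    }

    // Server side: recompute from the stored secret and compare in constant time.
    static boolean serverVerify(String response, String user, String storedPassword,
                                String challenge) throws Exception {
        byte[] expected = clientResponse(user, storedPassword, challenge)
                .getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, response.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        // Sample values from the example in RFC 2195, not from the server in the post.
        String user = "tim";
        String password = "tanstaaftanstaaf";
        String challengeB64 = "PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+";
        String challenge = new String(Base64.getDecoder().decode(challengeB64),
                StandardCharsets.UTF_8);
        String response = clientResponse(user, password, challenge);
        String wire = Base64.getEncoder()
                .encodeToString(response.getBytes(StandardCharsets.UTF_8));
        System.out.println("challenge : " + challenge);
        System.out.println("response  : " + response);
        System.out.println("on wire   : " + wire);
        System.out.println("accepted  : " + serverVerify(response, user, password, challenge));
        System.out.println("wrong pw  : " + serverVerify(response, user, "guess", challenge));
    }
}
```

The server can only verify the response if it holds the password or an equivalent derived key, and the exchange does not authenticate the server to the client, so the connection carrying it should be protected with TLS.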