Custom Login Handlers? LDAP Authentication

Daniel Fisher dfisher at vt.edu
Thu Feb 28 17:15:08 EST 2013 

Kyle,
have a look at adding an authorization handler to the jaas config:
https://code.google.com/p/vt-middleware/wiki/vtldapAuthentication
Once you've coded one, it can be added like this:

  edu.vt.middleware.ldap.jaas.LdapLoginModule required
    ldapUrl="..."
    ...
    authorizationHandlers="edu.utexas.austin.CustomAuthorizationHandler"
    ...
  };

--Daniel Fisher

On Thu, Feb 28, 2013 at 2:33 PM, Royder, Kyle D
<kroyder at austin.utexas.edu>wrote:

> Thanks for the help Scott.  This put me on a different search path of the
> users list and there seem to be a lot of discussion surrounding using a
> search filter vs implementing something in LDAP itself.  Looks like I have
> a few options moving forward.
>
> -Kyle
>
> -----Original Message-----
> From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net]
> On Behalf Of Cantor, Scott
> Sent: Thursday, February 28, 2013 12:19 PM
> To: Shib Users
> Subject: Re: Custom Login Handlers? LDAP Authentication
>
> On 2/28/13 1:03 PM, "Royder, Kyle D" <kroyder at austin.utexas.edu> wrote:
>
> >We use LDAP for authentication and attribute queries.  We are wanting
> >throw authentication errors if certain LDAP attributes are set certain
> >ways and now allow the user to create an IdP session.
>
> Well, normally I think you do that with LDAP by adjusting the search
> filter that looks up the DN for binding. If you can't express it in a
> simple search filter, there may be additional plug points in the vt-ldap
> (now ladaptive) code that would let you do this by developing the
> extension there rather than having to do a custom login handler.
>
> The author's on the list, he would know and can comment.
>
> -- Scott
>
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130228/e36baff4/attachment.html

More information about the users mailing list