[jboss-user] [JBoss Seam] - Re: Roles using LDAPLoginModule

dennisrjohn do-not-reply at jboss.com
Wed Nov 28 20:10:04 EST 2007


I thought that was the case, but it still doesn't seem to work.

I ended up overriding the LDAPLoginModule anyway; here are the relevant pieces:

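import java.security.Principal;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchResult;
import org.jboss.security.SimpleGroup;
import org.jboss.security.auth.spi.UsernamePasswordLoginModule;

public class LdapLoginModule extends UsernamePasswordLoginModule {

    private static final String BASE_DN = "dc=body,dc=local";
    private static final String PRINCIPAL_DN_PREFIX_OPT = "principalDNPrefix";
    private static final String PRINCIPAL_DN_SUFFIX_OPT = "principalDNSuffix";
    private static final String MATCH_ON_USER_DN_OPT = "matchOnUserDN";

    public LdapLoginModule()
    {
    }

    // Group named "Roles" that collects the role principals found in LDAP
    private transient SimpleGroup userRoles = new SimpleGroup("Roles");

    ...


    private void createLdapInitContext(String username, Object credential) throws NamingException
    {

        ...

        try
        {
            // Look up the role entries that match the user
            NamingEnumeration answer = ctx.search(rolesCtxDN, matchAttrs);
            while (answer.hasMore())
            {
                SearchResult sr = (SearchResult) answer.next();
                Attributes attrs = sr.getAttributes();
                Attribute roles = attrs.get("name");

                // attrs.get() returns null when the entry has no "name" attribute
                if (roles == null)
                {
                    continue;
                }

                for (int r = 0; r < roles.size(); r++)
                {
                    // Check the value for null before calling toString()
                    Object roleValue = roles.get(r);
                    String roleName = (roleValue != null) ? roleValue.toString() : null;

                    if (roleName != null)
                    {
                        try
                        {
                            // Wrap the role name in a Principal and add it to the "Roles" group
                            Principal p = super.createIdentity(roleName);
                            log.trace("Assign user to role " + roleName);
                            userRoles.addMember(p);
                        }
                        catch (Exception e)
                        {
                            log.debug("Failed to create principal: " + roleName, e);
                        }
                    }
                }
            }
        }
        catch (NamingException e)
        {
            log.trace("Failed to locate roles", e);
        }

        ...
    }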


Thanks for the reply, hopefully I'm just missing something.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4108739#4108739
