[jboss-user] [JBoss Seam] - Re: Roles using LDAPLoginModule
dennisrjohn
do-not-reply at jboss.com
Wed Nov 28 20:10:04 EST 2007
I thought that was the case, but it still doesn't seem to work.
I ended up overriding the LDAPLoginModule anyway; here are the relevant pieces:
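import java.security.Principal;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchResult;
import org.jboss.security.SimpleGroup;
import org.jboss.security.auth.spi.UsernamePasswordLoginModule;

public class LdapLoginModule extends UsernamePasswordLoginModule {
    private static final String BASE_DN = "dc=body,dc=local";
    private static final String PRINCIPAL_DN_PREFIX_OPT = "principalDNPrefix";
    private static final String PRINCIPAL_DN_SUFFIX_OPT = "principalDNSuffix";
    private static final String MATCH_ON_USER_DN_OPT = "matchOnUserDN";

    public LdapLoginModule()
    {
    }

    // Group that collects the role principals found in LDAP for this user
    private transient SimpleGroup userRoles = new SimpleGroup("Roles");
    ...
    private void createLdapInitContext(String username, Object credential) throws NamingException
    {
        ...
        try
        {
            // Search the roles context for entries matching this user
            NamingEnumeration<SearchResult> answer = ctx.search(rolesCtxDN, matchAttrs);
            while (answer.hasMore())
            {
                SearchResult sr = answer.next();
                Attributes attrs = sr.getAttributes();
                Attribute roles = attrs.get("name");
                if (roles == null)
                {
                    // Entry has no "name" attribute, so it carries no role name
                    continue;
                }
                for (int r = 0; r < roles.size(); r++)
                {
                    // Check the attribute value before calling toString() on it
                    Object value = roles.get(r);
                    if (value != null)
                    {
                        String roleName = value.toString();
                        try
                        {
                            Principal p = super.createIdentity(roleName);
                            log.trace("Assign user to role " + roleName);
                            userRoles.addMember(p);
                        }
                        catch (Exception e)
                        {
                            log.debug("Failed to create principal: " + roleName, e);
                        }
                    }
                }
            }
        }
        catch (NamingException e)
        {
            // A failed role lookup is only traced; the user ends up with no roles
            log.trace("Failed to locate roles", e);
        }
        ...
    }
}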
Thanks for the reply, hopefully I'm just missing something.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4108739#4108739