icarrara
Posts: 12
|
Posted: 12/01/2005, 2:27 PM |
|
I need to validate the users from an external and already running resource. I have two cases: a document repository and a Ldap directory.
I think these are very common scanarios in an enterprise environment so I hope someone or YesSoftware would support the case.
- First case: I have the users stored in the 'users' table of a document repository. It store the password in a SHA-1 digest format, so I'm not able to read the 'password' field but I have to use the below code:
----------------------------------------------------------------------------
var repositoryManager = new
RemoteRepositoryManager("http://localhost:1234",
new Credentials("testuser", "testuser"));
var repository = repositoryManager.getRepository(new
Credentials("testuser", "testuser"));
------------------------------------------------------------------------------
How can I plug the above (or others) authentication method in a Servlet or Jsp CCS project ?
- Second case: How I can substitute the native authentication method of CCS with a Ldap authentication?
For me there is a path: using the opensource JdbcLdap Bridge from OctetString so I can see the Ldap Directory like a Sql source BUT I can set up the CCS environment for the develop time because I can't get an Odbc->Ldap bridge.... any help or idea?
Thank you!
Ivano
|
|
|
E43509
Posts: 283
|
Posted: 12/06/2005, 4:50 AM |
|
I do something very similar. I let CCS create the login page (I set the lookup table to some random table in my db as I don't care about the values).
Then on click of the login button, I do my ldap lookups (run a simple ldap query using the login credentials (fldLogin, fldPassword). If have a simple try and catch around it. If ok, I set the session variables UserLogin, UserId, GroupID. I have a simple If statement around the CCS Login control that detours around it. This was done in CF but you may be able to do the same in your language.
<!--- check credentials --->
<CFIF ucase(myLOGIN_BYPASS_AD) EQ ucase(fldpassword)> <!--- My bypass AD check --->
<CFSET loginok = true>
<CFELSE>
<CFSET ldapuser = myLOGIN_USER_DOMAIN & "\" & fldlogin>
<CFTRY>
<CFLDAP
server = "#myLOGIN_SVR_1#"
username = "#ldapuser#"
password = "#fldpassword#"
action = "query"
name = "resultsbase"
start = "#myLOGIN_ROOT_DN#"
scope = "base"
attributes="ou"
>
<CFSET loginok = true>
<CFCATCH type="any">
<CFSET loginok = false>
<CFSET strErrLogin = cfcatch.detail>
<cfoutput>#cfcatch.type#<br> #cfcatch.message#<br>#cfcatch.detail#</cfoutput>
<!--- debug logic
<cfdump var="#cfcatch#">
--->
</CFCATCH>
</CFTRY>
</CFIF>
<cfoutput>loginok:#loginok#<br>ViewAll:#session.userviewallar#<br>loginar:#loginAR#<br></cfoutput>
<CFIF NOT loginok>
<CFSET strErrLogin="Login or Password is incorrect.">
<CFSET Form.password = "">
<CFSET dummmy = StructClear(Session)> <!--- destroy all session variables --->
<CFELSEIF Session.UserViewAllAr NEQ "Y" AND loginAR NEQ "Y"> <!--- not a valid AR --->
<CFSET strErrLogin="#fldlogin# is not a valid access requestor.">
<CFSET Form.password = "">
<CFSET StructClear(Session)> <!--- destroy all session variables --->
<CFELSE> <!--- login must be ok --->
<CFLOCK NAME="Session" TIMEOUT="30" TYPE="Exclusive">
<CFSET Session.UserLogin = ucase(fldlogin)>
<CFSET Session.UserId = loginPGN>
</CFLOCK>
<CFMODULE Template="CCGetParam.cfm" strName="ret_link" outputvar="strtmpRedirect">
<CFIF strtmpRedirect NEQ "">
<CFSET strRedirect = strtmpRedirect & "&s_ACCESS_REQ_GEN_NBR=#loginPGN#">
</CFIF>
<CFSET strRedirect = strRedirect & "?s_ACCESS_REQ_GEN_NBR=#loginPGN#">
<cfoutput>strRedirect:#strRedirect#</cfoutput>
</CFIF>
<CFIF false> <!--- Comments out the original login block below --->
<!------------------------------------>
<!---End Event: OnClick. Action: Custom Code. Control: Button_DoLogin--->
<!---Event: OnClick. Action: Login. Control: Button_DoLogin @4-68BEBF00--->
<CFMODULE Template="CCLoginUser.cfm" Login="#fldlogin#" Password="#fldpassword#">
<CFIF NOT CCLoginUser>
<CFSET strErrLogin="Login or Password is incorrect.">
<CFSET Form.password = "">
<CFELSE>
<CFMODULE Template="CCGetParam.cfm" strName="ret_link" outputvar="strtmpRedirect">
<CFIF strtmpRedirect NEQ "">
<CFSET strRedirect = strtmpRedirect>
</CFIF>
</CFIF>
<!---End Event: OnClick. Action: Login. Control: Button_DoLogin--->
<!---Event: OnClick. Action: Custom Code. Control: Button_DoLogin @15-ECFB70A2--->
<!------------------------------------>
<!--- write your own code here --->
</CFIF>
<!------------------------------------>
<!---End Event: OnClick. Action: Custom Code. Control: Button_DoLogin--->
|
|
|
|