[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: java api bind() methods
At 04:11 PM 4/4/01 -0700, Rob Weltman wrote:
>"Kurt D. Zeilenga" wrote:
>>
>> At 03:15 PM 4/4/01 -0700, Rob Weltman wrote:
>> >"Kurt D. Zeilenga" wrote:
>> >> If the application wants to do a DIGEST-MD5 authentication with
>> >> an bind name of "cn=john" and a SASL authentication identity of
>> >> "mary", the LDAP API should provide facilities to accomplish.
>> >> If this is not possible with the current LDAP API then the API
>> >> is flawed.
>> >
>> > That is supported.
>>
>> It's not obvious to me how to do it. An example would
>> do wonders.
>>
>> Kurt
>
> class MarysCallbackHandler implements CallbackHandler {
> public void handle(Callback[] callbacks)
> throws IOException, UnsupportedCallbackException {
> for (int i = 0; i < callbacks.length; i++) {
> if (callbacks[i] instanceof NameCallback) {
> NameCallback nc = (NameCallback)callbacks[i];
> nc.setName( "mary" );
> } else if (callbacks[i] instanceof PasswordCallback) {
> ...
> }
> }
> }
> }
>...
>...
>
> ldc.bind( "cn=john",
> new String[] {"DIGEST-MD5"},
> null,
> new MarysCallbackHandler() );
Okay... so the confusion I had must have been this language:
dn If non-null and non-empty, specifies that the
connection and all operations through it should
be authenticated with dn as the distinguished
name.
Shouldn't this just be:
dn The distinguished name to use as the bind name.
as clearly in your example it's the callback which is providing
the authentication identity.