Can anyone tell me how to connect to an LDAP server?
I need a username/password authentication to be done by LDAP integrated with IE, which I intend to do using Java. Given that I only know the IP address of the server, is it possible that way I can reach the server so that I can authenticate with it somehow automatically using Java?
Here is link to LDAP Authentication using Java
Do you want to do SSO with NTLM? In this case this might help you. Otherwise you can use the javax.naming package to connect to LDAP. Or have a look at jldap
Related
i try to Authenticate windows user to got the client windows log in user from this :::: request.getremoteuser()
i get my LDap users on weblogic but after that i got lost
can any one help me
thanx a lot
Not sure I totally understand your problem, but it looks like you are trying to use Single Sign On (SSO) for authentication.
If that's the case, SSO configuration on weblogic is a bit of a challenge, there are several configuration options available depending of LDAP implementation you are using (MS Active Directory or OAM).
This topic is too complex to be solved with answering a forum question, but all we can do for you is to point to into the right direction.
For Active Directory, you can check this blog:
http://biemond.blogspot.co.uk/2011/08/single-sign-on-with-windows-kerberos-on.html
For Oracle Access Manager, here are some guidelines for you:
https://blogs.oracle.com/imc/entry/adf_oam
How can I authenticate a user onto IIS. Actually my purpose is that an online user to make supply enter the application by using a kind of verification. And on the other hand we have Microsoft web system. So probably, I need to solve the authentication issue on IIS. Essentially I know how to secure and authentication AMX page within weblogic system. Basic HTTP Authentication is a standard though and ADF mobile useS it too. But can it handle my expectation, I cannot be sure.
What is the best practice and best way?
This is acutally a question to the IIS guys - all you need is a URL on that server that will prompt you for a basic authentication.
I was just running through a few basic tutorials on using JAAS in web applications.
I got everything setup fine but noticed that the j_password parameter is sent from the client browser in clear text.
Is there a way to make JAAS hash this value before sending it?
My application is running on Tomcat 7, so I don't know if this could achieved through some server specific setting or via some web app setting?
Have a look at The definitive guide to form-based website authentication
In short: Client side password hashing requires javascript on the client; there is no such standard if you use form based authentication that you can simply enable on the server. In any case, make sure your connection is encrypted (HTTP over SSL). Then it is less/not important to hash passwords on client side.
I have Java Applet(J2EE), I want to make it accessible only to a certain set of users,by authenticating them using username and password.What is the the best way of doing this?
This guide to form-based authentication could be helpful.
The way you secure this will depend on what you have on server side?
Applet takes username and password. Calls some auth service on the server to authenticate the user.
Next challenge would be to maintain this authentication state. Solution would totally depend on how you are communicating back from your applet.
A user is accessing a restricted web application with JAAS (on Glassfish 2.1). LDAPRealm is used, and authentication is successfully performed from LDAP. A password policy should be installed for the users, so that they are forced to change passwords, have passwords of certain complexity/length, password failures and last N passwords should be checked. Password policy of LDAP server used (OpenDS) supports all this, but it is not obvious at all how to receive this kind of information in JAAS FORM login we are using, so that the information (i.e. "Please change you password") can be displayed to the user.
Do you have any ideas how to go about implementing this? Using database only is not an option, users need to be in LDAP. What is not obvious is whether to use LDAP password policies at all, or have it all programmed in our web application. I would like to avoid this and use LDAP's native password policies.
Thank you for answers and best regards,
Bozo
Unfortunately, what you can do using JAAS is kind of constrained to a small set of operations that any login system can support. While LDAP supports a password policy, other login systems (eg keystores) may not, so JAAS cannot have code that requires this.
Hence, you'll have to talk to the LDAP server directly using either JNDI or possibly this library from Novell.
Got it. Have to use a SAM, since you cannot receive LoginException (with reason of login failure) in the existing auth mechanisms in Glassfish.
Answer is here: How to override j_security_check in glassfish?