Hello Dmitriy,

The problem that I have been encountering is org.exist.security.UserImpl.authenticate().  I think that we need to move the current UserImpl into internal and create a new UserImpl under ldap that authenticates against the LDAP server.


On Jun 17, 2010, at 10:45 PM, Dmitriy Shabanov wrote:

On Thu, 2010-06-17 at 17:59 -0500, Loren Cahlander wrote:

Can it be org.exist.security.ldap.RealmImpl.java? The design is quite simple: one SecurityManager - several Realms attached to it.


On an authentication request, this method in SecurityManager will be called:

public Account authenticate(String username, Object credentials) throws ExceptionAuthentication {
        Account account = null;
        // Ask each attached realm in turn; the first one that returns an account wins.
        for (Realm realm : realms.values()) {
                account = realm.authenticate(username, credentials);
                if (account != null)
                        return account;
        }
        // No realm recognised the user.
        throw new ExceptionAuthentication("User [" + username + "] not found");
}

As you can see, it will go through all attached realms and try to get an authenticated user account.


Dmitriy Shabanov
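
The realm chain described in the thread, as an added, self-contained example; it is not part of the e-mails or eXist's own code. `Account`, `Realm`, `AuthException` and `MapRealm` are hypothetical stand-ins, the "ldap" realm is an in-memory stub, and the convention that a realm returns null for an unknown user but throws on a wrong credential is an assumption.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.LinkedHashMap;
import java.util.Map;

public class RealmChainDemo {
    // Hypothetical stand-ins for the types named in the thread; not eXist's real classes.
    record Account(String name, String realmId) {}
    static class AuthException extends Exception {
        AuthException(String msg) { super(msg); }
    }
    interface Realm {
        // Assumed contract: null = user unknown to this realm; exception = wrong credential.
        Account authenticate(String username, Object credentials) throws AuthException;
    }

    // In-memory realm, used for "internal" and as the LDAP stand-in (no directory is contacted).
    static class MapRealm implements Realm {
        private final String id;
        private final Map<String, String> secrets; // constructed sample data, plaintext for the demo only
        MapRealm(String id, Map<String, String> secrets) { this.id = id; this.secrets = secrets; }
        public Account authenticate(String username, Object credentials) throws AuthException {
            String expected = secrets.get(username);
            if (expected == null) return null;              // not ours: let the next realm try
            byte[] a = expected.getBytes(StandardCharsets.UTF_8);
            byte[] b = String.valueOf(credentials).getBytes(StandardCharsets.UTF_8);
            if (!MessageDigest.isEqual(a, b))               // constant-time comparison
                throw new AuthException("Bad credentials for [" + username + "] in realm " + id);
            return new Account(username, id);
        }
    }

    // Same loop as the SecurityManager method quoted in the thread.
    static Account authenticate(Map<String, Realm> realms, String username, Object credentials)
            throws AuthException {
        for (Realm realm : realms.values()) {
            Account account = realm.authenticate(username, credentials);
            if (account != null) return account;
        }
        throw new AuthException("User [" + username + "] not found");
    }

    public static void main(String[] args) throws AuthException {
        Map<String, Realm> realms = new LinkedHashMap<>(); // insertion order = lookup order
        realms.put("internal", new MapRealm("internal", Map.of("admin", "s3cret")));
        realms.put("ldap", new MapRealm("ldap", Map.of("loren", "pw1", "admin", "other")));
        System.out.println(authenticate(realms, "loren", "pw1"));    // unknown to internal, falls through to ldap
        System.out.println(authenticate(realms, "admin", "s3cret")); // internal answers first and shadows ldap's admin
    }
}
```

With a first-match loop like this, realm order decides which account a name shared between realms resolves to, so the returned account should record the realm that authenticated it.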