...

Code Block
public void bind( LdapDN bindDn, byte[] credentials, List mechanisms, String saslAuthId, Collection bypass ) throws NamingException
{
    ...
    this.configuration.getInterceptorChain().bind( bindDn, credentials, mechanisms, saslAuthId );
    ...
}

This calls the first configured interceptor in the chain declared in the configuration file server.xml. The first interceptor is the NormalizationService.

...

In the first case, we have to search for the password in the backend. This is a lookup operation, which is itself applied through another chain of interceptors.

...

The password is compared using the given mechanism (which should be simple on a new server), and if it matches, we create a principal object which will be stored in the connection context for future use.

We are done with the bind operation, except that we still have to check that the DN exists in the backend for this partition.

Add operation

An add operation is more complex. We need to check that the current user has sufficient rights to add an entry, and that the entry can be added.

A new entry is a composition of three elements:

  • A partition name
  • A path from this partition
  • An entry name

For instance, when adding an entry whose DN is cn=acme, ou=users, ou=system, we will have:

  • Partition = "ou=system"
  • Path = "ou=users, ou=system"
  • Entry name = "cn=acme"

The first two elements must exist in the base. We can't add an entry to a partition that does not exist, and we can't add an entry whose path does not exist.
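
The decomposition and the two existence checks described above, as an added example that is not ApacheDS code. It uses the JDK's javax.naming.ldap.LdapName instead of the server's LdapDN; the class AddPrecheck, the method refusal() and the sample backend contents are hypothetical.

```java
import java.util.List;
import java.util.Set;
import javax.naming.InvalidNameException;
import javax.naming.Name;
import javax.naming.ldap.LdapName;

// Added illustration, not ApacheDS code: AddPrecheck, refusal() and all sample
// data are hypothetical. Uses the JDK's LdapName in place of the server's LdapDN.
public class AddPrecheck {

    /** Returns null when the add may proceed, otherwise the reason it is refused. */
    static String refusal(String dnText, List<LdapName> partitions, Set<LdapName> existing)
            throws InvalidNameException {
        LdapName dn = new LdapName(dnText); // index 0 is the rightmost RDN

        // 1. Partition: the longest configured suffix the DN ends with.
        LdapName partition = null;
        for (LdapName p : partitions) {
            if (dn.startsWith(p) && (partition == null || p.size() > partition.size())) {
                partition = p;
            }
        }
        if (partition == null) {
            return "no partition for " + dn;
        }

        // 2. Path: everything except the leftmost RDN; it must already exist.
        Name path = dn.getPrefix(dn.size() - 1);
        if (!existing.contains(path)) {
            return "path " + path + " does not exist in partition " + partition;
        }

        // 3. Entry name: the leftmost RDN, e.g. cn=acme.
        System.out.println("ok: entry " + dn.getRdn(dn.size() - 1) + " under " + path);
        return null;
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed sample backend: one partition holding one container.
        List<LdapName> partitions = List.of(new LdapName("ou=system"));
        Set<LdapName> existing = Set.of(new LdapName("ou=system"), new LdapName("ou=users,ou=system"));
        for (String dn : List.of("cn=acme, ou=users, ou=system", "CN=acme,OU=Users,OU=System",
                "cn=acme, ou=staff, ou=system", "cn=acme, ou=users, dc=example")) {
            String why = refusal(dn, partitions, existing);
            if (why != null) System.out.println("refused " + dn + ": " + why);
        }
    }
}
```

LdapName compares RDNs without regard to case, so the second sample DN resolves to the same partition and path as the first. The checks depend on comparing DNs in a normalized form rather than as raw strings.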