Zimbra

jginzburg · #1 (**permalink**) 05-12-2008, 02:59 PM

Hello,

I´ve implemented a Radius Custom Auth extension, as depicted in the Admin Guide.
This is currently its (very simplified) source:
public class RadiusCustomAuth extends ZimbraCustomAuth {
Logger logger;
public void authenticate(Account account, String pass,
Map<String, Object> arg2, List<String> arg3) throws Exception {
logger.info("RadiusCustomAuth: authenticating...");
}

public RadiusCustomAuth() {
super();
Logger logger = Logger.getLogger(this.getClass().getName());
logger.info("RadiusCustomAuth created");
}
}
I've hooked it to the Zimbra server using the Zimbra extension framework.I've registered this custom auth mechanism under the name "Radius" and I've also enabled the example.com domain for using this handler (by using zmprov modifydomain example.com zimbraAuthMech custom:Radius).
When I restart the server I can see in the log that my RadiusCustomAuth handler is loaded because the line "RadiusCustomAuth created" is printed.
But when I try to authenticate a user, instead of "RadiusCustomAuth: authenticating..." this is the log I get:

2008-05-12 18:36:27,214 INFO [btpool0-0] [] AuthProvider - Adding auth provider: zimbra com.zimbra.cs.service.ZimbraAuthProvider
2008-05-12 18:36:27,322 INFO [btpool0-0] [ua=zclient/5.0.5_GA_2201.RHEL5;oip=10.8.13.18;] SoapEngine - handler exception: authentication failed for user01@example.com,

The Radius handler is associated to this domain (I'm sure on this because if I associate an inexistent handler to this domain I get "handler anInexistentHandler for custom auth for domain example.com not found" when authenticating the user).

Any ideas why I'm getting this handler exception instead of my silly log?

Greg · #2 (**permalink**) 06-26-2008, 10:36 AM

Looks like you are doing everything correctly. A couple of questions:
- how do you know that your auth handler is not being triggered?
- what is the log level in /opt/zimbra/conf/log4j.properties.in

Greg · #3 (**permalink**) 06-26-2008, 10:44 AM

Another comment, your extension should consist of minimum two classes
1) class that implements ZimbraExtension
2) class that extends ZimbraCustomAuth
MANIFEST file in the jar has to point to the class that implements ZimbraExtension, e.g.:

Code:

Zimbra-Extension-Class: com.zimbra.cs.service.radius.RadiusCustomAuth

Class that implements ZimbraExtension should have "init" method that will register the extension at run-time:

Code:

public class RadiusAuthModuleExtension implements ZimbraExtension {
    public void init() {

        ZimbraCustomAuth.register("radius", new RadiusAuth());
    }

    public void destroy() {
        ExtensionDispatcherServlet.unregister(this);
    }
    
    public String getName() {
        return "radius";
    }
}

dlopezleon · #4 (**permalink**) 07-03-2008, 09:08 AM

Hi Greg, thank you for answering.
We solved that problem. As you said we were doing things fine (I just added the destroy method you gave us but the problem wasn't there).
The thing was that the users we tried to authenticate were users that didn't have an account in our zimbra. We though that it would first check if the user was valid and then try to get the right inbox, but it was the other way around (which makes more sense now :P).
Thanks for your help.