Results 1 to 4 of 4

Thread: authentication, CheckAuthConfigRequest and ldap

  1. #1
    ljm
    ljm is offline Project Contributor
    Join Date
    May 2006
    Posts
    81
    Rep Power
    9

    Question authentication, CheckAuthConfigRequest and ldap

    Hi, I'm experimenting with authenticating a user against the zimbra store. The soap AuthRequest method works fine, but it creates a session and seems a bit heavyweight for a simple yes/no authentication.

    I was wondering whether CheckAuthConfigRequest would do the trick, but I can't figure out what the dn's need to be in order to make it work.

    Is there an example or doco somewhere? com/zimbra/cs/account/ldap/Check.java doesn't shed any light on what the dn's need to look like.

    Taking it one step further, would it be considered bad practice to authenticate via standard ldap bind and avoid the soap api altogether?

  2. #2
    ljm
    ljm is offline Project Contributor
    Join Date
    May 2006
    Posts
    81
    Rep Power
    9

    Default ldapAuthBindDn

    Urgh, 10 mins after posting I found what I was looking for.

    In case anyone else is interested:
    - see LdapUtil.java
    - this ldapAuthBindDn worked for me:
    uid=%u,ou=people,dc=domain,dc=com

  3. #3
    schemers is offline Zimbra Employee
    Join Date
    Aug 2005
    Posts
    228
    Rep Power
    9

    Default

    If you don't want to create a session, just use <nosession/> in the <soap:Header> of the request:
    Code:
    <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
      <soap:Header>
        <context xmlns="urn:zimbra">
           <nosession/>
        </context>
      </soap:Header>
      <soap:Body>
         <AuthRequest xmlns="urn:zimbraAccount">
           ...
         </AuthRequest>
      </soap:Body>
    </soap:Envelope>
    I think that should work. See ZimbraServer/docs/soap.txt for more info.

    You could do an LDAP bind directly, as long as you don't care about checking zimbraAccountStatus.
    Bugzilla - Wiki - Downloads - Before posting... Search!

  4. #4
    ljm
    ljm is offline Project Contributor
    Join Date
    May 2006
    Posts
    81
    Rep Power
    9

    Default

    <nosession/> works as described - thanks.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •