Querying the LDAP server

The AuthHttpENEConnection class has a login method to query the LDAP directory for authentication.

Use this AuthHttpENEConnection method to establish a connection with an external LDAP server and query the LDAP directory to authenticate the user:

Java: the login() method
.NET: the Login() method

These methods use the LDAPLoginModule plug-in to connect to and query the LDAP server.

The LDAP server’s URL is obtained from the serverInfo parameter (or parameters) in the Access Control configuration file.

If the user is not in the LDAP directory, the authentication will fail and the user will not be allowed access to the Endeca implementation.

Java implementation

If the user’s name and password have been extracted from a certificate or obtained by prompting the user, the call to the LDAP server would be:

//Create a CallbackHandler
CallbackHandler cbh = new StaticCallbackHandler(name,pass);
// Query the LDAP server to authenticate this user
try {
   nec.login(cbh);
} catch (ENEAuthenticationException exp) {
   System.err.println(exp);
   exp.printStackTrace();
   System.err.println("LDAP Authentication failed");
   System.exit(1);
}

The StaticCallbackHandler object provides the user name and password. If the login attempt fails, an ENEAuthenticationException exception is thrown.

.NET implementation

The .NET version of the Login method has this signature:

Login(IAuthCredentialRequestHandler handler)

where handler is an IAuthCredentialRequestHandler object instance that provides the mechanism to obtain credentials for authentication purposes.

To use an example, if the user has supplied a username and password, the call to authenticate the user would be:

//Authenticate the user
nec.Login(new StaticCredentialRequestHandler(user, pass));

The StaticCredentialRequestHandler object provides the user name and password. If the login attempt fails, an ENEAuthenticationException exception is thrown.