I got to use the LdapLoginModule http://download.oracle.com/javase/6/docs/jre/api/security/jaas/spec/com/sun/security/auth/module/LdapLoginModule.html together with Microsoft Active Directory in search-first mode, because we got our users in different OUs. AD does not allow anonymous searches.
Is there a possibility to make a non-anonymous search before authenticating or why does the word anonymous stand in braces?
In case which LdapLoginModules are out there allowing for non-anonymous searches?
Kind regards
Christian
UPDATE: To allow a non-anonymous search with an technical account in AD, you have to use another LoginModule. Either you can implement your own, or if you are on JBoss you can use the LdapExtLoginModule. We are on weblogic, thus we used the UsernamePasswordLoginModule from Oracle and configured a realm for the authentication.
To allow a non-anonymous search with an technical account in AD, you have to use another LoginModule. Either you can implement your own, or if you are on JBoss you can use the LdapExtLoginModule. We are on weblogic, thus we used the UsernamePasswordLoginModule from Oracle and configured a realm for the authentication.