-
1. Re: Establishing an LDAP connection with non-hard coded credentials
rareddy Nov 16, 2012 6:28 PM (in response to johnbay)John,
I do not think we have any solutions currently that are out of the box for the LDAP authentication pass through. Generally for the data sources and connection factories you can follow the procedure here to define a separate security domain as defined here https://docs.jboss.org/author/display/TEIID/Security+at+Data+Source+level. For this you would need to extend the LDAP connector provided in the Teiid and extend the functionality.
Also, I logged https://issues.jboss.org/browse/TEIID-2312
You should also be able to set payload https://docs.jboss.org/author/display/TEIID/SET+Statement, which is available through command context in translator, so that it can pass in the credentials. I believe you can also set this payload as driver connection properties, but I could not find any document for that.
Hope this helps
Ramesh..
-
2. Re: Establishing an LDAP connection with non-hard coded credentials
johnbay Nov 19, 2012 10:57 AM (in response to rareddy)To make sure I understand: Currently the only sure way to pass in authentication information to the teiid LDAP connector at start up time is statically through its resource adapter properties? Otherwise the LDAP connector needs to be extended and added to?
-
3. Re: Establishing an LDAP connection with non-hard coded credentials
rareddy Nov 19, 2012 11:30 AM (in response to johnbay)Yes. It would be impossible to guess what the custom payload *is*, how it needs to be used to provide implementation out of the box, apart from supporting security-domain with ClientIdenityLoginModule (which I logged JIRA).
Ramesh..
-
4. Re: Establishing an LDAP connection with non-hard coded credentials
johnbay Nov 19, 2012 11:33 AM (in response to rareddy)Got it, thanks!
-
5. Re: Establishing an LDAP connection with non-hard coded credentials
yapnel Mar 7, 2013 3:51 PM (in response to rareddy)Hi Ramesh,
I tried this SET PAYLOAD user_id yapne; command in squirrel and it doesn't work. Is this only for java? Or have i done something wrong.
Please advise.
thanks.
Nelson
-
6. Re: Establishing an LDAP connection with non-hard coded credentials
shawkins Mar 7, 2013 6:17 PM (in response to yapnel)Nelson,
The payload approach that Ramesh is mentioning has no built-in hook at the resource adapter level to utilize the payload. As for the statement not working, what version of Teiid are you on?
See also https://issues.jboss.org/browse/TEIID-2312 for using a security domain to pass username/password that is set on the Subject.
Steve
-
7. Re: Establishing an LDAP connection with non-hard coded credentials
yapnel Mar 8, 2013 2:43 AM (in response to shawkins)Steve
EDS 5.3.1. I am not using it for LDAP purposes. We are intending for 3rd party tools to have a mechanism of passing user id to teiid engine.
Thanks
Nelson
-
8. Re: Establishing an LDAP connection with non-hard coded credentials
shawkins Mar 8, 2013 6:38 AM (in response to yapnel)https://issues.jboss.org/browse/TEIID-2006 is available in 5.3.1, you should open a support case describing what is not working.
Steve