Files changed (1)
- * The LDAP_USER, LDAP_PASS & SEARCHBASE are used to verify user account exist
ance and retrieve distinguishedName.
+ * The LDAP_USER, LDAP_PASS & SEARCHBASE are used to verify user account existnce and retrieve distinguishedName.
* Subsequent authentication attempts will use retrieved distinguishedName and user-supplied password to authenticate against the LDAP server.
+ * Step 1: query the server for a list of matching users (based on search filter and submitted cred)
+ logger.info(cred.getUsername() + ":LDAP Server has a new DN for this user. Attempting authentication with new DN " + newDN);
+ logger.info(cred.getUsername() + ":LDAP authentication succeeded with updated DN " + newDN + ". Updating stored DN.");
+ //this version stores the DN in a dead field (quarantine_path). This prevented having to modify the user schema, but really seems in-appropriate.