custom AuthService using openldap having issue
viks
Posted: Mon Nov 04, 2013 6:55 pm    Post subject: custom AuthService using openldap having issue

Newbie

Joined: 12 Jun 2013
Posts: 8

Hello all,
We are currently building a custom auth service to authenticate users against LDAP. We are able to make it work to the extent that we can capture the userid sent, but when we call the openldap ldap_init within the authservice it creates an FDC (Probe Id :- XC130004, Probe Type :- HALT6109, Comment1 :- SIGSEGV: address not mapped(0xffffffffxxxxxx)).

Of course, the code below works fine when we run it outside MQ as a standalone program, but when this part of the code runs as an authservice of MQ, we have a problem when the pointer returned by ldap_init is referenced. Below is the C code snippet.

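Code:
/* OpenLDAP's ldap.h declares the deprecated calls used here (such as
   ldap_init and ldap_simple_bind_s) only when LDAP_DEPRECATED is defined.
   Without a prototype the compiler assumes an int return value, which
   truncates the LDAP* on 64-bit platforms. */
#define LDAP_DEPRECATED 1
#include <ldap.h>

#define HOSTNAME "ldap.xxx.org.com"
#define PORTNUMBER 389
#define BASEDN "uid=userid,ou=people,o=xxx.org.com,dc=xxx,dc=com"
#define SCOPE LDAP_SCOPE_SUBTREE

int auth(char* user, char* pass) {
    LDAP *ld;
    int version, rc;

    /* STEP 1: Get a handle to an LDAP connection and set any session preferences. */
    if ( (ld = (LDAP *) ldap_init( HOSTNAME, PORTNUMBER )) == NULL ) {
        return( 0 );
    }

    version = LDAP_VERSION3;
    ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );

    /* STEP 2: Bind to the server. */
    rc = ldap_simple_bind_s( ld, BASEDN, pass );

    /* STEP 4: Disconnect from the server (also after a failed bind,
       so the handle is not leaked). */
    ldap_unbind( ld );

    return( rc == LDAP_SUCCESS ? 1 : 0 );
}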

LDAP* ld is not NULL, but when it is referenced for the first time, at
ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );

it gives the SIGSEGV: address not mapped(0xffffffffxxxxxx) error.

The same code works as expected when run outside MQ, as a standalone program on the same MQ host.

Thanks in advance for your
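An added example, not code from the original post: the snippet above binds with a fixed `uid=userid` DN and hands `pass` straight to the bind call, so this shows the input checks an auth service would want before any LDAP call. It assumes the bind DN is formed from the captured user id under the suffix shown in BASEDN; `escape_dn_value` and `build_bind_dn` are hypothetical helper names.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Suffix taken from the BASEDN in the post (host names are the poster's placeholders). */
#define DN_SUFFIX ",ou=people,o=xxx.org.com,dc=xxx,dc=com"

/* Hypothetical helper: RFC 4514 escaping of one attribute value.
   Returns the escaped length, or -1 if out is too small. */
static int escape_dn_value(const char *in, char *out, size_t outsz) {
    size_t n = strlen(in), o = 0;
    if (outsz == 0) return -1;
    for (size_t i = 0; i < n; i++) {
        char c = in[i];
        int esc = strchr("\"+,;<>\\=", c) != NULL      /* special anywhere */
               || (i == 0 && (c == '#' || c == ' '))   /* special at start */
               || (i == n - 1 && c == ' ');            /* special at end   */
        if (o + (esc ? 2 : 1) >= outsz) return -1;     /* keep room for NUL */
        if (esc) out[o++] = '\\';
        out[o++] = c;
    }
    out[o] = '\0';
    return (int)o;
}

/* Hypothetical helper: build the bind DN for a captured user id.
   Returns 0 on success, -1 if the credentials must be rejected
   before any LDAP call is made. */
int build_bind_dn(const char *user, const char *pass, char *dn, size_t dnsz) {
    char esc[128];
    int n;

    /* An empty password turns a simple bind into an "unauthenticated
       bind" (RFC 4513, section 5.1.2), which some directory servers
       answer with success, so it must never reach the bind call. */
    if (user == NULL || pass == NULL || *user == '\0' || *pass == '\0')
        return -1;
    for (const char *p = user; *p; p++)                /* no control characters */
        if ((unsigned char)*p < 0x20 || *p == 0x7f) return -1;
    if (escape_dn_value(user, esc, sizeof esc) < 0) return -1;

    n = snprintf(dn, dnsz, "uid=%s%s", esc, DN_SUFFIX);
    return (n < 0 || (size_t)n >= dnsz) ? -1 : 0;      /* reject truncation */
}
```

The resulting DN would replace the fixed BASEDN in the bind call, with `auth` returning 0 whenever `build_bind_dn` returns -1.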
fjb_saper
Posted: Mon Nov 04, 2013 8:47 pm

Grand High Poobah

Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY

For LDAP to work correctly you must be able to substitute your standard login with the LDAP-checked login...
Once your OS authorization functions run seamlessly against the LDAP they should also run seamlessly with MQ.

Have fun
_________________
MQ & Broker admin
RogerLacroix
Posted: Tue Nov 05, 2013 10:02 am    Post subject: Re: custom AuthService using openldap having issue

Jedi Knight

Joined: 15 May 2001
Posts: 3264
Location: London, ON Canada

viks wrote:
We are currently building a custom auth service to authenticate users against LDAP. We are able to make it work to the extent that we can capture the userid sent, but when we call the openldap ldap_init within the authservice it creates an FDC (Probe Id :- XC130004, Probe Type :- HALT6109, Comment1 :- SIGSEGV: address not mapped(0xffffffffxxxxxx)).

First, it is EXTREMELY tricky to get LDAP code to work correctly inside an MQ exit. I know, I have spent years perfecting MQAUSX to work correctly across 10 distributed platforms. Each platform has its own weird and goofy issues when compiling and linking LDAP and an MQ security exit.

The second question is why in the world would you build it when MQAUSX is so cheap (i.e. $499 less in volume). If your value is $65 per hour then 1 day (8 hours) of fooling around with your code could have gotten you 1 license for MQAUSX and you could have done something else!!

Regards,
Roger Lacroix
Capitalware Inc.
_________________
Capitalware: Transforming tomorrow into today.