dcsimg
More Detailed NIS Shadow password question:
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Thomas_Gamble
Posted On:   Wednesday, August 14, 2002 07:48 PM

First of all, I know very little about NIS and how it works. Regardless, I will attempt to phrase my question in a legible manner. The objective is to authenticate users against a NIS server using a servlet. The NIS server is using shadow passwords and (as far as I know) is storing them in "passwd.adjunct". When I perform a DirContext.list("system") a list of contexts are returned and are as follows: auto.home: com.sun.jndi.nis.NISCtx auto.master: com.sun.jndi.nis.NISCtx group.adjunct.byname: com.sun.jndi.nis.NISCtx passwd.adjunct.byname: com.sun.jndi.nis.NISCtx netmasks.byaddr: com.sun.jndi.nis.NISCtx netid.byname: com.sun.jndi.nis.NISCtx hosts.   More>>
First of all, I know very little
about NIS and how it works. Regardless, I will attempt to phrase my question in
a legible manner. The objective is to authenticate users against a NIS server
using a servlet. The NIS server is using shadow passwords and (as far as I know)
is storing them in "passwd.adjunct". When I perform a DirContext.list("system")
a list of contexts are returned and are as follows:
			
auto.home: com.sun.jndi.nis.NISCtx
auto.master: com.sun.jndi.nis.NISCtx
group.adjunct.byname: com.sun.jndi.nis.NISCtx
passwd.adjunct.byname: com.sun.jndi.nis.NISCtx
netmasks.byaddr: com.sun.jndi.nis.NISCtx
netid.byname: com.sun.jndi.nis.NISCtx
hosts.byaddr: com.sun.jndi.nis.NISCtx
hosts.byname: com.sun.jndi.nis.NISCtx
group.bygid: com.sun.jndi.nis.NISCtx
group.byname: com.sun.jndi.nis.NISCtx
passwd.byuid: com.sun.jndi.nis.NISCtx
passwd.byname: com.sun.jndi.nis.NISCtx
ypservers: com.sun.jndi.nis.NISCtx

By looking at this list, I
would assume that passwd.adjunct.byname can be accessed the same as passwd.byname.
However, performing a DirContext.list("system/passwd.byname") returns the following:

			
testuser3: com.sun.jndi.nis.NISObject
testuser2: com.sun.jndi.nis.NISObject
testuser1: com.sun.jndi.nis.NISObject

and a DirContext.list("system/passwd.adjunct.byname")
throws an error:
			
ERROR: javax.naming.NameNotFoundException; remaining name 'passwd.adjunct.byname'
javax.naming.NameNotFoundException; remaining name 'passwd.adjunct.byname'
at com.sun.jndi.nis.NISMapList.c_lookup(NISMapList.java:91)
at com.sun.jndi.nis.NISBaseCtx.c_list(NISBaseCtx.java:378)
at com.sun.jndi.toolkit.ctx.ComponentContext.p_list(ComponentContext.java:554)
at com.sun.jndi.toolkit.ctx.PartialCompositeContext.list(PartialCompositeContext.java:280)
at com.sun.jndi.toolkit.ctx.PartialCompositeContext.list(PartialCompositeContext.java:265)
at javax.naming.InitialContext.list(InitialContext.java:390)
at NIS.processRequest(NIS.java:57)
at NIS.doGet(NIS.java:78)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:404)
at org.apache.tomcat.core.Handler.service(Handler.java:286)
at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372)
at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:797)
at org.apache.tomcat.core.ContextManager.service(ContextManager.java:743)
at org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpConnectionHandler.java:210)
at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:498)
at java.lang.Thread.run(Thread.java:484)

I was hoping to retrieve the
users password, encrypt the provided password, and compare them. However, that
is difficult when I cannot use the map that they are in. Any ideas as to what
I am doing wrong and/or a different approach that might work would be greatly
appreciated. My code is below:
			
response.setContentType("text/html");
java.io.PrintWriter out = response.getWriter();
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.nis.NISCtxFactory");
env.put(Context.PROVIDER_URL, "nis://192.168.1.110/test.domain");


DirContext ctx = new InitialDirContext(env);

NamingEnumeration ne = ctx.list("system/passwd.adjunct.byname");
while(ne.hasMore()) out.println(ne.next().toString());

out.close();
   <<Less

Re: More Detailed NIS Shadow password question:

Posted By:   Andre_Cesta  
Posted On:   Monday, November 11, 2002 12:37 PM

Dude,

I agree that the NIS JNDI provider is poorly documented,
but we will document it for Sun, he, he.
Here is what works for my NIS implementation. With that
I can authenticate users (need a crypt implementation though):


import java.util.Properties;
import javax.naming.Context;
import javax.naming.Name;
import javax.naming.InitialContext;
import javax.naming.NamingEnumeration;
import javax.naming.NameClassPair;

import com.sun.jndi.nis.NISCtxFactory;

import java.lang.reflect.Method;

public class JNDITest {

public static void main(String args[]) {
try {
System.out.println("NIS test 1");
Properties env = new Properties();
System.out.println("NIS test 2");
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.nis.NISCtxFactory");
System.out.println("NIS test 3");
env.put(Context.PROVIDER_URL, "nis://moms/clear.net.nz");
System.out.println("NIS test 4");
Context initialContext = new InitialContext(env);
String vUserData = ""+initialContext.lookup("system/passwd.byname/acesta");
System.out.println("Object instance:"+vUserData);
//Here is the output for me:
//Object instance:acesta:miRERJ0o4yd7U:1414:10:Andre Cesta:/home/acesta:/bin/ksh
} catch(Exception e) {
System.out.println(e);
};
}

}
About | Sitemap | Contact