public final class LDAPAuthenticationScheme
This is the Derby LDAP authentication scheme implementation.
JNDI system/environment properties can be set at the database
level as database properties. They will be picked-up and set in
the JNDI initial context if any are found.
We do connect first to the LDAP server in order to retrieve the
user's distinguished name (DN) and then we reconnect and try to
authenticate with the user's DN and passed-in password.
In 2.0 release, we first connect to do a search (user full DN lookup).
This initial lookup can be done through anonymous bind or using special
LDAP search credentials that the user may have configured on the
LDAP settings for the database or the system.
It is a typical operation with LDAP servers where sometimes it is
hard to tell/guess in advance a users' full DN's.
NOTE: In a future release, we will cache/maintain the user DN within
the the Derby database or system to avoid the initial lookup.
Also note that LDAP search/retrieval operations are usually very fast.
The default LDAP url is ldap:/// (ldap://localhost:389/)
userName - The user's name used to connect to JBMS system
userPassword - The user's password used to connect to JBMS system
databaseName - The database which the user wants to connect to.
info - Additional jdbc connection info.
grouplist if authentication is successful, and user is memberof ldap groups return a list of groups,
if not part of any group, return the same username as authenticated user,
if unable to authenticate, return null
java.sql.SQLException - An exception processing the request,
connection request will be denied. The SQL exception will
be returned to the connection attempt.