Set userProvider dynamically at runtime for JAAS logins to LDAP

Question

I have a J2SE application that is setup correctly to handle user authentication with an LDAP server. However, the URL is hard-coded in the config file.

e.g. userProvider="ldaps://host.domain.com:3269/DC=domain,DC=com"

I would like to move toward dynamically finding an LDAP server by querying DNS SRV records.

Once I find an LDAP server, how do I set the JAAS userProvider property dynamically at runtime without specifying it in the config file? All the examples I see only show the URL coming from the config file. The JavaDocs aren't too clear on this question.

'userProvider' is not an LDAP parameter. It is a parameter of your application. Where you set it is of no concern to Java. — user207421
However, it is a parameter for JAAS correct? Will JAAS accept the userProvider property in any other way than an external config file? (set a System variable, use a setter function somewhere...) — David I.
1. No, it's a parameter to a specific JAAS LoginModule. 2. No, you have to write a JAAS config file. — user207421

David I. David I. · Accepted Answer · 2013-05-03T13:53:23

Thanks to EJP, I got on the right track. Fortunately, System variables can be interpolated in the config file. (Reference)

Therefore, I can do something like this in the config file:

userProvider="ldaps://${ldap.host}/DC=domain,DC=com"

In my Java code, I set the system property "ldap.host":

System.setProperty("ldap.host","host.domain.com:3269");

Set userProvider dynamically at runtime for JAAS logins to LDAP

1 Answers