Using the authentication function of LDAP server

When the Access Control uses the LDAP server as its user information source, it should also use the authentication function which is provided by the LDAP server.

To use the authentication function of LDAP server, you should override the validateUserByPassword method in the BTTSecurityManager interface. This method also needs the connection configuration of LDAP server, and the value of serviceConnection should be set to true.

When authenticating the user, Access Control puts the user ID into Context.SECURITY_PRINCIPAL, and the password into Context.SECURITY_CREDENTIALS. Then the Access Control uses the LDAP connection information to connect to the LDAP server. If the user and password matches the record, the authentication is passed; otherwise, javax.naming.AuthenticationException is thrown.