Well, that's a start, but it doesn't actually explain what any of the LDAP login module options are -- it only tells you what to set them to if you want to connect to the sample. I'd like to come up with a meaningful text description of each option:
initialContextFactory connectionURL connectionUsername connectionPassword connectionProtocol authentication userBase userSearchMatching userSearchSubtree roleBase roleName roleSearchMatching roleSearchSubtree userRoleName I have a vague idea of some of them from hacking around with this kind of stuff before -- but for the most part, I probably coun't explain it well. But even for nominally straightforward ones like connect username and password -- does the provided account need to be an LDAP administrator? Do I understand right that the realm will attempt to bind to LDAP as the user to verify their password? If so, why do you need the admin account and search params, why not just connect as the user and if it works look up their groups? Thanks, Aaron On 11/20/05, Jeff Genender <[EMAIL PROTECTED]> wrote: > Looks like Hernan put together a really nice tutorial on Geronimo with > the LDAp login module and Apache Directory. > > http://opensource2.atlassian.com/confluence/oss/display/GERONIMO/Configuring+LDAP > > Aaron Mulder wrote: > > It has like 14 parameters -- if I could get some help figuring out > > what all of those mean, and maybe some samples for hooking it up to > > OpenLDAP, Sun LDAP, and Active Directory LDAP, that would be > > outstanding. > > > > Thanks, > > Aaron > > > > http://svn.apache.org/viewcvs.cgi/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/LDAPLoginModule.java?rev=345629&view=markup >
