Hello everyone.
I need help setting up "form-based" authentication for my application against OpenLDAP.
I edited the login-config.xml file with the code below and, from that point on, I cannot
deploy any of my EJBs.
<application-policy name = "portalRealm">
  <authentication>
    <login-module code = "org.jboss.security.auth.spi.LdapLoginModule" flag = "required">
      <module-option name = "java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
      <module-option name = "java.naming.provider.url">//localhost:389</module-option>
      <module-option name = "java.naming.security.authentication">simple</module-option>
      <module-option name = "principalDNPrefix">cn=Manager</module-option>
      <module-option name = "principalDNSuffix">dc=realitas,dc=net</module-option>
      <module-option name = "uidAttributeID">cn</module-option>
      <module-option name = "roleAttributeID">description</module-option>
      <module-option name = "rolesCtxDN">dc=realitas,dc=net</module-option>
    </login-module>
  </authentication>
</application-policy>
Attached are the LDIF files I used to load OpenLDAP.
My system: Suse Linux, JDK 1.4, JBoss with Tomcat, Postgres, OpenLDAP 2.1.4
In web.xml (partial):
<security-constraint>
  <display-name>Security Constraint</display-name>
  <web-resource-collection>
    <web-resource-name>Portal</web-resource-name>
    <url-pattern>/*</url-pattern>
    <http-method>DELETE</http-method>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    <http-method>PUT</http-method>
  </web-resource-collection>
  <auth-constraint>
    <role-name>organizationalRole</role-name>
  </auth-constraint>
  <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
  </user-data-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
  <auth-method>FORM</auth-method>
  <realm-name>Form-Based Authentication Area</realm-name>
  <form-login-config>
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/error.jsp</form-error-page>
  </form-login-config>
</login-config>
<security-role>
  <description>Administrador</description>
  <role-name>organizationalRole</role-name>
</security-role>
In ejb-jar.xml (partial):
<assembly-descriptor>
  <security-role>
    <role-name>organizationalRole</role-name>
  </security-role>
  <method-permission>
    <role-name>organizationalRole</role-name>
    <method>
      <ejb-name>GenKeyEJB</ejb-name>
      <method-name>*</method-name>
    </method>
    <method>
      <ejb-name>ResourceEJB</ejb-name>
      <method-name>*</method-name>
    </method>
  </method-permission>
</assembly-descriptor>
Thanks in advance for any attention.
Jaime Oliveira
# $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.9 2000/09/04 19:57:01 kurt Exp $
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
dn: dc=realitas,dc=net
objectclass: dcObject
objectclass: organization
o: Realitas Network
dc: realitas

dn: cn=Manager,dc=realitas,dc=net
objectclass: organizationalRole
cn: Manager
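
Added example, not part of the original message: a Python check of the bind DN that JBoss's LdapLoginModule forms from the posted options (principalDNPrefix + username + principalDNSuffix) and of whether the simple bind goes to an ldaps:// URL. The username `alice`, the function names and the embedded copy of the options are assumptions for illustration; the check does not diagnose the deployment failure.

```python
import xml.etree.ElementTree as ET

# Constructed input: options copied from the post's login-config.xml, values unchanged.
POSTED = """<application-policy name="portalRealm"><authentication>
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
<module-option name="java.naming.provider.url">//localhost:389</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="principalDNPrefix">cn=Manager</module-option>
<module-option name="principalDNSuffix">dc=realitas,dc=net</module-option>
</login-module></authentication></application-policy>"""


def options(policy_xml):
    """Return the module-option name/value pairs of a policy as a dict."""
    root = ET.fromstring(policy_xml)
    return {o.get("name"): (o.text or "").strip() for o in root.iter("module-option")}


def bind_dn(opts, username):
    """User DN as LdapLoginModule forms it: prefix + username + suffix."""
    return opts.get("principalDNPrefix", "") + username + opts.get("principalDNSuffix", "")


def audit(opts):
    """Return a list of findings for one LdapLoginModule option set."""
    findings = []
    prefix = opts.get("principalDNPrefix", "")
    suffix = opts.get("principalDNSuffix", "")
    if not prefix.endswith("="):
        findings.append("principalDNPrefix does not end in '=': username is appended to a value")
    if suffix and not suffix.startswith(","):
        findings.append("principalDNSuffix does not start with ',': no separator after username")
    url = opts.get("java.naming.provider.url", "")
    simple = opts.get("java.naming.security.authentication") == "simple"
    if simple and not url.lower().startswith("ldaps://"):
        findings.append("simple bind to a non-ldaps URL sends the password unencrypted")
    return findings


if __name__ == "__main__":
    opts = options(POSTED)
    print(bind_dn(opts, "alice"))  # hypothetical username
    for finding in audit(opts):
        print("-", finding)
```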