Dear Wiki user, You have subscribed to a wiki page or wiki category on "Portals Wiki" for change notification.
The "Jetspeed2/LDAP-howto" page has been changed by JeromeDupont: http://wiki.apache.org/portals/Jetspeed2/LDAP-howto?action=diff&rev1=9&rev2=10 Comment: adding "Define a backup ldap server" paragraph + little prettifying 1. Setup a ldap server (using apacheDS) 1. Create a simple ldap configuration from the demo + 1. Define a backup ldap server ---------- + = Create a simple ldap configuration from the demo = - STEP 1: Setup a LDAP server. + == STEP 1: Setup a LDAP server. == - - Install Apache Directory Studio. (Play around with this to get to know the user interface) Once you know. - Create any LDAP server - prefer 1.5.5+. right click & open configuration on the newly create LDAP server. click on partition tab -> click add. ID: (must be same as you saw in jetspeed.properties) sevenSeas Suffix: o=sevenSeas. (CTRL-S to save) Start up the server. @@ -28, +29 @@ - Make connection with LDAP server using (connection Tab in Apache Directory Studio) hostname: localhost port:10389 click on next: Bind DN: uid=admin,ou=system bindpassword: secret. (finish) open connection. ---------- - STEP 2: Installing Jetspeed demo + == STEP 2: Installing Jetspeed demo == - Jetspeed-2.2.2 (Demo or Minimal) either one. Apache Directory Studio 2.0 (this allow you to have apacheDS 1.5.3 up to 2.0) which is good for different test setup. ---------- - STEP 3: Setup jetspeed ldap mode + == STEP 3: Setup jetspeed ldap mode == - To configure Jetspeed-2.2.2 to work with LDAP - open spring-filter-key.properties (webapps/jetspeed/WEB-INF/conf) and change: spring.filter.key=portal to spring.filter.key=portal.ldap. (this will make jetspeed connect to LDAP). ---------- - STEP 4: Setup jetspeed properties file + == STEP 4: Setup jetspeed properties file == - To verify the connection between jetspeed and LDAP: open jetspeed.properties in (webapps/jetspeed/WEB-INF/conf) - Default connection for jetspeed to LDAP is should be the same as already configured in this section. Make sure you understand what is here. LDAP require: (1 organism, 3 organization unit) o=sevenSeas (change this if you want to name something else, make sure it is same when configured in LDAP). ou=Users ou=Roles ou=Group Good. You are now done with setup jetspeed-2.2.2 to connect to LDAP ApacheDS. ---------- - STEP 5: Populating Ldap with sample users + == STEP 5: Populating Ldap with sample users == - Creating partition for sevenSeas on LDAP Server. This must be done in order to load any sevenSeas.ldif file you have successful or create your own without loading ldif file. @@ -74, +71 @@ ------ = Adapting jetspeed to an existing ldap schema = - This paragraphs shows how to configure Jestspeed to adapt it to a specific ldap model. == Adding user attributes == @@ -186, +182 @@ </property> </bean> }}} + = Define a backup ldap server = + In some cases, several ldap servers are defined in your infrastructure, and if one of them collapses, applications are supposed to balance themselves to the backup ldap server. That is possible to do this with jetspeed, modifying '''WEB-INF/assembly/security-ldap.xml'''''' '''file. In this file, the connection to ldap is defined in the ''org.springframework.ldap.core.support.LdapContextSource'' bean, in the ''url'' element. You have to replace url without ''s'' by elements ''urls'' with s, and to list the differents ldap servers. + Jetspeed tries to connect to the first ldap server, and if it fails to the second one, etc. Note that in this case, the synchronisation between ldaps is NOT done by jetspeed but by the ldap infrastructure. Jetspeed synchronises only the ldap server it works with. + + See above the example for '''security ldap.xml''': + + {{{ + <property name="contextSource"> + <bean class="org.springframework.ldap.core.support.LdapContextSource"> + <property name="urls" value="${ldap.url}"/> + <property name="base" value="${ldap.base}"/> + <property name="userDn" value="${ldap.userDn}"/> + <property name="password" value="${ldap.password}"/> + <property name="baseEnvironmentProperties" ref="ldapEnvironmentProperties"/> + <property name="pooled" value="false"/> + </bean> + </property> + }}} + {ldap.url} is defined in the '''WEB-INF/conf/override.properties '''file: + + {{{ + ldap.url=ldap://asl20.pfvd.nt.bnf.fr:389, ldap://asl21.pfvd.nt.bnf.fr:389 + }}} +
