User: starksm
Date: 01/04/09 15:53:16
Modified: src/docs jbosssx.xml
Log:
Break out the LdapLoginModule options using a variablelist element.
Revision Changes Path
1.7 +58 -28 manual/src/docs/jbosssx.xml
Index: jbosssx.xml
===================================================================
RCS file: /cvsroot/jboss/manual/src/docs/jbosssx.xml,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- jbosssx.xml 2001/04/05 08:31:21 1.6
+++ jbosssx.xml 2001/04/09 22:53:16 1.7
@@ -1,6 +1,6 @@
<?xml version = "1.0" encoding = "UTF-8"?>
-<!-- Version: $Revision: 1.6 $ -->
+<!-- Version: $Revision: 1.7 $ -->
<?xml-stylesheet href =
'file:///D:/usr/local/src/cvsroot/jBoss/manual/src/docs/jboss.xsl' type = 'text/xsl'?>
<chapter id = "JBossSX">
<title>JBossSX Security Extension Framework</title>
@@ -315,7 +315,7 @@
<security-role-ref>
<description>
This role should be assigned to the employees of the
payroll department.
- Members of this role have access to anyone’s payroll
record.
+ Members of this role have access to anyone’s
payroll record.
The role has been linked to the payroll-department
role.
</description>
<role-name>payroll</role-name>
@@ -494,10 +494,10 @@
<attribute name="SecurityManagerClassName">
org.jboss.security.plugins.JaasSecurityManager
</attribute>
- <attribute name=“SecurityProxyFactoryClassName">
+ <attribute name=“SecurityProxyFactoryClassName">
org.jboss.security.SubjectSecurityProxyFactory
</attribute>
- <attribute name=“AuthenticationCacheJndiName">
+ <attribute name=“AuthenticationCacheJndiName">
srp/SRPAuthenticationCache
</attribute>
</mbean>
@@ -700,32 +700,62 @@
<para>An implementation of LoginModule that
authenticates against an LDAP server using JNDI based on the configuration properties.
The LoginModule options include whatever options your LDAP JNDI provider
-support. Examples of standard property names are:
-Context.INITIAL_CONTEXT_FACTORY = "java.naming.factory.initial"
-Context.SECURITY_PROTOCOL = "java.naming.security.protocol"
-Context.PROVIDER_URL = "java.naming.provider.url"
-Context.SECURITY_AUTHENTICATION = "java.naming.security.authentication"
-
-The Context.SECURITY_PRINCIPAL is set to the distinguished name of the user as
obtained by the callback handler and the Context.SECURITY_CREDENTIALS
+support. Examples of standard LDAP JNDI properties include:<variablelist>
+ <varlistentry>
+
<term>Context.INITIAL_CONTEXT_FACTORY = "java.naming.factory.initial"</term>
+ <listitem>
+ <para>The
classname of the InitialContextFactory implementation</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>Context.SECURITY_PROTOCOL = "java.naming.security.protocol"</term>
+ <listitem>
+ <para>The
transport protocol to use for secure access, e.g., ssl</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>Context.PROVIDER_URL = "java.naming.provider.url"</term>
+ <listitem>
+ <para>The ldap
URL for the LDAP server</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>Additional
LdapLoginModule properties include:<variablelist>
+ <varlistentry>
+
<term>principalDNPrefix, principalDNSuffix</term>
+ <listitem>
+ <para>A prefix
and suffix to add to the username when forming the user distiguished name. This is
useful if you prompt a user for a username and you don't want them to have to enter
the fully distinguished name. Using this property and principalDNSuffix the userDN
will be formed as:<command>String userDN = principalDNPrefix + username +
principalDNSuffix;</command>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>useObjectCredential</term>
+ <listitem>
+
<para>indicates that the credential should be obtained as an opaque Object using the
org.jboss.security.auth.callback.ObjectCallback type of Callback rather than as a
char[] password using a JAAS PasswordCallback.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>rolesCtxDN</term>
+ <listitem>
+ <para>The
distinguished name to the context to search for user roles.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>roleAttributeName</term>
+ <listitem>
+ <para>The name
of the attribute that contains the user roles.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>uidAttributeName</term>
+ <listitem>
+ <para>The name
of the attribute that in the object containing the user roles that corresponds to the
userid. This is used to locate the user roles.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>The
Context.SECURITY_PRINCIPAL is set to the distinguished name of the user as obtained by
the callback handler and the Context.SECURITY_CREDENTIALS
property is either set to the String password or Object credential depending
on the useObjectCredential option.
-Additional module properties include:
-principalDNPrefix, principalDNSuffix : A prefix and suffix to add to the
- username when forming the user distiguished name. This is useful if you
- prompt a user for a username and you don't want them to have to enter the
- fully distinguished name. Using this property and principalDNSuffix the
- userDN will be formed as:<command>String userDN = principalDNPrefix + username
+ principalDNSuffix;</command>>
-
-useObjectCredential : indicates that the credential should be obtained as
-an opaque Object using the org.jboss.security.plugins.ObjectCallback type
-of Callback rather than as a char[] password using a JAAS PasswordCallback.
-
-rolesCtxDN : The distinguished name to the context to search for user roles.
-roleAttributeName : The name of the attribute that contains the user roles
-uidAttributeName : The name of the attribute that in the object containing
- the user roles that corresponds to the userid. This is used to locate the
- user roles. A sample login config is given in <xref linkend =
"sx.LdapLoginModule.config"/>
+A sample login config is given in <xref linkend = "sx.LdapLoginModule.config"/>
</para>
<example id = "sx.LdapLoginModule.config">
<title>Sample LdapLoginModule
Configuration Entry</title>
@@ -870,7 +900,7 @@
<isbn>0-201-63361-2</isbn>
</biblioentry>
<biblioentry>
- <title>Enterprise JavaBeans™ Specification, v1.1 </title>
+ <title>Enterprise JavaBeansâ„¢ Specification, v1.1
</title>
<authorgroup>
<author>
<firstname>Vlada</firstname>
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
