Just submitted the new patch:
===
For one of my projects I am using user authentication on
an LDAP server. LDAP admins required support for TLS
transport, which was missing in LdapLoginModule.
Attached is the patch that enables TLS by introducing
two more options: useTls and tlsHostnameVerifierClass.
The code is almost copied from
http://java.sun.com/products/jndi/tutorial/ldap/ext/starttls.html.
The patch is made against and tested with JBoss 3.2.5. It requires JDK
1.4 to compile and operate; however, it does not break
anything if run under 1.3 with useTls omitted or
useTls=false (tested).
Sample login-conf I am using:
<application-policy name="FSLDAP">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapLoginModule"
                  flag="required">
      <module-option name="java.naming.provider.url">ldap://ldap.linux.dom:389/</module-option>
      <module-option name="useTls">true</module-option>
      <module-option name="tlsHostnameVerifierClass">org.jboss.security.auth.spi.IgnoringHostnameVerifier</module-option>
      <module-option name="principalDNPrefix">uid=</module-option>
      <module-option name="principalDNSuffix">,ou=people,dc=linux,dc=dom,dc=.</module-option>
      <module-option name="rolesCtxDN">ou=groups,dc=linux,dc=dom,dc=.</module-option>
      <module-option name="uidAttributeID">memberUid</module-option>
      <module-option name="roleAttributeID">cn</module-option>
    </login-module>
  </authentication>
</application-policy>
===
_______________________________________________
JBoss-Development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
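
The StartTLS sequence the message describes, as an added example that is not part of the original post or of the submitted patch. JNDI consults the verifier set on StartTlsResponse only when its default host name check fails, so the class plugged in there decides whether a mismatching certificate is accepted. The class names StartTlsBindExample and PinnedSubjectVerifier and the LDAP_PASSWORD environment variable are hypothetical, and a current JDK is assumed.

```java
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.ldap.*;
import javax.net.ssl.*;
import javax.security.auth.x500.X500Principal;

public class StartTlsBindExample {
    // Fallback verifier: tolerate a host name mismatch only for one pinned certificate subject.
    static final class PinnedSubjectVerifier implements HostnameVerifier {
        private final X500Principal pinned;
        PinnedSubjectVerifier(String subjectDn) { pinned = new X500Principal(subjectDn); }
        public boolean verify(String hostname, SSLSession session) {
            try {
                X509Certificate leaf = (X509Certificate) session.getPeerCertificates()[0];
                return pinned.equals(leaf.getSubjectX500Principal());
            } catch (SSLPeerUnverifiedException e) {
                return false; // no verified peer certificate: reject
            }
        }
    }

    // args: <ldap-url> <user-dn> <pinned-cert-subject>; password is read from LDAP_PASSWORD (assumption)
    public static void main(String[] args) throws Exception {
        String password = System.getenv("LDAP_PASSWORD");
        if (args.length != 3 || password == null || password.isEmpty()) {
            System.err.println("usage: LDAP_PASSWORD=... StartTlsBindExample <ldap-url> <user-dn> <cert-subject>");
            return; // an empty password would turn the simple bind into an unauthenticated bind
        }
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, args[0]);
        LdapContext ctx = new InitialLdapContext(env, null); // connects without credentials
        try {
            StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
            tls.setHostnameVerifier(new PinnedSubjectVerifier(args[2]));
            SSLSession session = tls.negotiate(); // throws if chain validation or name check fails
            // Credentials are added only after TLS is up, so the bind is never sent in clear text.
            ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, args[1]);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.getAttributes(args[1]); // first operation after the change binds as the user
            System.out.println("bind ok over " + session.getProtocol() + " for " + args[1]);
            tls.close();
        } finally {
            ctx.close();
        }
    }
}
```

Leaving out the setHostnameVerifier call keeps JNDI's default host name check as the only rule, which is the strictest setting when the certificate already carries the name used in the provider URL.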