[jboss-user] [JBoss Portal] - Re: LDAP authentication and Role-based permissions question

Fri, 09 Mar 2007 04:55:27 -0800 

I just tried your configuration and it seemed to work. Didn't put things into 
database. Just test if users are authenticated correctly and are able to enter 
portal.

I used this 
ldif file and changed:

1) login-config.xml:


  | <login-module code="org.jboss.security.auth.spi.LdapLoginModule" 
flag="required">
  |                 <module-option 
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
  |                 <module-option 
name="java.naming.provider.url">ldap://localhost:10389/</module-option>
  |                 <module-option 
name="java.naming.security.authentication">simple</module-option>
  |                 <module-option name="principalDNPrefix">uid=</module-option>
  |                 <module-option 
name="principalDNSuffix">,ou=People,o=test,dc=portal,dc=example,dc=com</module-option>
  |                 <module-option 
name="rolesCtxDN">ou=Roles,o=test,dc=portal,dc=example,dc=com</module-option>
  |                 <module-option name="uidAttributeID">member</module-option>
  |                 <module-option name="matchOnUserDN">true</module-option>
  |                 <module-option name="roleAttributeID">cn</module-option>
  |                 <module-option 
name="roleAttributeIsDN">false</module-option>
  |                 <module-option name="searchTimeLimit">5000</module-option>
  |                 <module-option 
name="searchScope">ONELEVEL_SCOPE</module-option>
  |             </login-module>
  | 

and IdentityLoginModule commented out.

2) 
jboss-4.0.5.GA\server\default\deploy\jboss-portal.sar\portal-server.war\WEB-INF\web.xml
 : 

  | <security-role>
  |       <!--<role-name>Authenticated</role-name>-->
  |          <role-name>User</role-name>
  |    </security-role>
  | 
  | and 
  | 
  | <security-constraint>
  |       <web-resource-collection>
  |          <web-resource-name>Authenticated</web-resource-name>
  |          <description></description>
  |          <url-pattern>/auth/*</url-pattern>
  |       </web-resource-collection>
  |       <auth-constraint>
  |          <!--<role-name>Authenticated</role-name>-->
  |          <role-name>User</role-name>
  |       </auth-constraint>
  |    </security-constraint>
  | 

I'm able to login as admin/admin or as jduke/theduke. Tested with 2.4 and 2.6 
trunk



View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4026587#4026587

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4026587
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to