[jboss-user] [Security & JAAS/JBoss] - ActiveDirectory for login, DB for roles-query?

Mon, 22 Oct 2007 05:48:38 -0700 

Hi everybody,

thas my big problem:
The users are saved in the ActiveDirectory on a central server. I can login 
with JBoss with the login-config.xml:
<application-policy name="xxx">
  |     <authentication>
  |             <login-module 
code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
  |                     <module-option 
name="dsJndiName">java:/DefaultDS</module-option>
  |                     <module-option 
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
  |                     <module-option 
name="java.naming.provider.url">ldap://192.168.1.10:389/DC=bsp,DC=local??base?(objectClass=*)</module-option>
  |                     <module-option 
name="java.naming.security.authentication">simple</module-option>
  |                     <module-option 
name="principalDNPrefix">CN=</module-option>
  |                     <module-option 
name="principalDNSuffix">,CN=Users,DC=bsp,DC=local</module-option>
  |                     <!--<module-option 
name="rolesCtxDN">CN=Users,DC=bsp,DC=local</module-option>-->
  |                     <module-option 
name="uidAttributeID">sAMAccountName</module-option>
  |                     <module-option 
name="matchOnUserDN">false</module-option>
  |                     <!--<module-option 
name="roleAttributeID">cn</module-option>
  |                     <module-option 
name="roleAttributeIsDN">true</module-option>-->
  |             </login-module>
  |     </authentication>
  | </application-policy>

the problem is that the roles of the users are not saved in the AD. Instead i 
can find them in a database with columns like bit isAdmin for example.
I dont know how to add roles to the users or configurate the login-file to 
separate the source of the user and roles. 

Have anybody a suggestion?

Thanks



View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4097452#4097452

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4097452
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to