Greetings coders

I'm running AS 4.2.2.GA with portal 2.6.2 and authenticating against an LDAP 
server.

Now I'm trying to use the CMS, but I'm somehow not authorized to see any 
content.  My user has the "Admin" role, but I'm not given access to the CMS 
portlet.

In my login-config.xml I have copied my working "portal" LDAP 
application-policy to the "cms" application-policy without any luck.

Here's my CMS policy from login-config.xml.  Where you see "correct" or 
"AwesomePassword" I have replaced company-specific information.

   <!-- For the JCR CMS -->
   <application-policy name="cms">
      <authentication>
         <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
            <module-option name="synchronizeIdentity">true</module-option>
            <module-option name="synchronizeRoles">true</module-option>
            <module-option name="additionalRole">Authenticated</module-option>
            <module-option name="defaultAssignedRole">User</module-option>
            <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
            <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
            <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
            <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
            <module-option name="password-stacking">useFirstPass</module-option>
            <module-option name="java.naming.provider.url">ldaps://correct.url.and:port/</module-option>
            <module-option name="java.naming.security.authentication">simple</module-option>
            <module-option name="java.naming.security.protocol">ssl</module-option>
            <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
            <module-option name="bindDN">uid=portal,ou=ServiceAccounts,dc=correct,dc=org</module-option>
            <module-option name="bindCredential">AwesomePassword</module-option>
            <module-option name="baseCtxDN">ou=People,dc=correct,dc=org</module-option>
            <module-option name="baseFilter">(&amp;(objectClass=person)(uid={0}))</module-option>
            <module-option name="rolesCtxDN">ou=portal,ou=Groups,dc=correct,dc=org</module-option>
            <module-option name="roleFilter">(&amp;(objectClass=groupofuniquenames)(uniquemember={1}))</module-option>
            <module-option name="roleAttributeIsDN">false</module-option>
            <module-option name="roleAttributeID">cn</module-option>
            <module-option name="roleRecursion">0</module-option>
            <module-option name="roleNameAttributeID">cn</module-option>
            <module-option name="searchScope">SUBTREE_SCOPE</module-option>
            <module-option name="defaultRole">Authenticated</module-option>
            <module-option name="unauthenticatedIdentity">Anonymous</module-option>
            <module-option name="allowEmptyPasswords">false</module-option>
         </login-module>
      </authentication>
   </application-policy>

Any help appreciated!

   -nollie

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4105083#4105083

_______________________________________________
jboss-user mailing list
https://lists.jboss.org/mailman/listinfo/jboss-user
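
A check for the copy step described in the post, as an added example that is not part of the original post and is not JBoss code: it parses a login-config.xml, compares the login modules of two application-policy entries option by option, and masks bindCredential so the result can be pasted into a list message. The sample XML (including the mistyped password and the differing options) and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SECRET_OPTIONS = {"bindCredential"}  # values of these options are never echoed

# Constructed sample standing in for login-config.xml; "cms" was meant to copy "portal".
SAMPLE = """<policy>
 <application-policy name="portal"><authentication>
  <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
   <module-option name="bindCredential">AwesomePassword</module-option>
   <module-option name="roleFilter">(&amp;(objectClass=groupofuniquenames)(uniquemember={1}))</module-option>
   <module-option name="roleRecursion">0</module-option>
  </login-module></authentication></application-policy>
 <application-policy name="cms"><authentication>
  <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
   <module-option name="bindCredential">AwesomePasword</module-option>
   <module-option name="roleFilter">(&amp;(objectClass=groupofuniquenames)(uniquemember={1}))</module-option>
   <module-option name="roleAttributeID">cn</module-option>
  </login-module></authentication></application-policy>
</policy>"""

def load_policy(root, name):
    """Return [(code, flag, {option: value})], one entry per login-module."""
    for pol in root.iter("application-policy"):
        if pol.get("name") == name:
            return [(m.get("code"), m.get("flag"), {o.get("name"): (o.text or "").strip()
                     for o in m.iter("module-option")}) for m in pol.iter("login-module")]
    raise KeyError(f"no application-policy named {name!r}")

def diff_policies(xml_text, left, right):
    """List (what, left_value, right_value) for every difference; None means absent."""
    root = ET.fromstring(xml_text)
    a, b = load_policy(root, left), load_policy(root, right)
    out = []
    if len(a) != len(b):  # a stacked module missing from one side
        out.append(("login-module count", len(a), len(b)))
    for i, ((code_a, flag_a, opts_a), (code_b, flag_b, opts_b)) in enumerate(zip(a, b)):
        if (code_a, flag_a) != (code_b, flag_b):
            out.append((f"module[{i}] code/flag", f"{code_a} {flag_a}", f"{code_b} {flag_b}"))
        for key in sorted(opts_a.keys() | opts_b.keys()):
            va, vb = opts_a.get(key), opts_b.get(key)
            if va != vb:
                if key in SECRET_OPTIONS:  # report that it differs, not what it is
                    va, vb = (v and "<redacted>" for v in (va, vb))
                out.append((f"module[{i}] {key}", va, vb))
    return out

if __name__ == "__main__":
    print(*diff_policies(SAMPLE, "portal", "cms"), sep="\n")
```

An empty result means the two policies carry the same modules and options, so the difference in behaviour lies outside login-config.xml.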