[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?

Thu, 30 Mar 2006 06:02:08 -0800 

hm, had some errors in the above config please ignore it,as far as I can see 
the code below should be correct
it still does not work though, same problem: I get authenticated but it says 
that I do not have the specified role.


  | <application-policy name = "ldap">
  |       <authentication>
  |     <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" 
flag="required">
  |       <module-option 
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
  |       <module-option 
name="java.naming.provider.url">ldap://somedomain.com:389/</module-option>
  |       <module-option name="java.naming.security">simple</module-option>
  |       <module-option name="bindDN">[EMAIL PROTECTED]</module-option>
  |       <module-option name="bindCredential">password</module-option>
  |       <module-option name="baseCtxDN">OU=All 
Users,DC=DOMAIN,DC=COM</module-option>
  |       <module-option name="baseFilter">(sAMAccountName={0})</module-option>
  |       <module-option 
name="rolesCtxDN">OU=AllCorporateGroups,DC=DOMAIN,DC=COM</module-option>
  |       <module-option name="roleFilter">(member={1})</module-option>
  |       <module-option name="roleAttributeIsDN">true</module-option>
  |       <module-option name="roleAttributeID">memberOf</module-option>
  |       <module-option name="roleNameAttributeID">cn</module-option>
  |       <module-option name="roleRecursion">-1</module-option>
  |     </login-module>
  |       </authentication>
  |     </application-policy>
  | 

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933708#3933708

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933708


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to