I did.
The issue is that whan I get back a user, I then have to make a query to get
the dynamic name of the attributes verse static names.
Thus I have to:
| Hashtable hRoles = conn.search(DN, "(objectclass=*)", attrs);
|
Then:
| lEntry = new LDAPAttributeAccess(hRoles);
| return lEntry.getAttributeValues("nsRole");
|
So I am parsing out the roles now with a custom module, but I have the next and
last issue I could really use some help with please..:
I have assigned a user to the following roles in my login module:
Assign user to role cn=ffv1::01find customer::find customer,o=blackhawk
Assign user to role cn=ffv1::08reports::reports,o=blackhawk
Assign user to role cn=ffv1::20password reset::password reset
delegation,o=blackhawk
But, Struts wants to see:
role01
role08
role20
respectively.
So I am trying to map/alias:
cn=ffv1::01find customer::find customer,o=blackhawk
to
role01
I tried to add an entry into my jboss-web.xml like:
<security-role>
<principal-name>cn=FFv1::01Find Customer::Find Customer</principal-name>
<role-name>role01</role-name>
</security-role>
but that does not seem to work when I check in my jsp:
<%= (request.isUserInRole("role01") ? " YES ": " -no- ") %>
"anguyen" wrote : Have you looked at
http://docs.jboss.org/jbossas/jboss4guide/r3/html/ch8.chapter.html#d0e18741.
|
| From my understanding of your code, the login module config should look
something like:
|
| | <login-module code="org.jboss.security.auth.spi.LdapLoginModule"
flag="required">
| | <module-option
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
| | <module-option name="java.naming.provider.url">ldap://[ip
address]:389</module-option>
| | <module-option
name="java.naming.security.authentication">simple</module-option>
| | <module-option
name="java.naming.security.principal">uid=fastforward,cn=Applications,o=blackhawk</module-option>
| | <module-option
name="java.naming.security.credentials">[password]</module-option>
| | <module-option name="principalDNPrefix">uid=</module-option>
| | <module-option name="principalDNSuffix">,o=blackhawk</module-option>
| | <module-option name="rolesCtxDN">??? ???</module-option>
| | <module-option name="roleAttributeId">??? ???</module-option>
| | <module-option name="roleAttributeIsDN">??? ???</module-option>
| | <module-option name="roleNameAttributeID">??? ???</module-option>
| | </login-module>
| |
|
| I'm not able to infer from you code example those last four values. They
are specific to your LDAP schema.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3895846#3895846
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3895846
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
