Right, essentially, you are going to have to either modify the existing LDAP-based SPI components or write your own. It is not that bad to write your own if you use the existing ones as reference.
The security-atn.xml references the existing implementations and the interfaces they implement (org.apache.jetspeed.security.spi.UserSecurityHandler and possibly org.apache.jetspeed.security.spi.CredentialHandler if your passwords are handled differently).

I think you should be able to modify the existing LDAP ones mostly by modifying the Spring LDAP data access objects. Since I am not familiar with Spring DAO and I have my own data access layer for accessing LDAP, I just implemented my own. It wasn't that bad because I used the existing LDAP ones as a guide. In fact, I also implemented the interfaces in security-atz.xml (roles, groups and mappings to users) as well.

For Jetspeed-related documentation, start here:
http://portals.apache.org/jetspeed-2/guides/guide-security.html

HTH,
aaron

On 3/9/06, david malkin <[EMAIL PROTECTED]> wrote:
> Aaron
>
> We are, in fact, looking to use an existing schema. Where should I
> start looking for information about making the necessary
> customizations?
>
> Thanks
> David Malkin
>
> On 3/9/06, Aaron Evans <[EMAIL PROTECTED]> wrote:
> > Firstly, the user you connect with to LDAP is admin/BlahBlah, but this may
> > or may not be a valid J2 user. Did you populate your directory with the J2
> > LDAP schema and sample data?
> >
> > By default, the authentication will be looking for users of object class
> > j2-user I believe.
> >
> > If you are looking to use an existing schema, you have some customization
> > work to do...
> >
> > On 3/9/06, david malkin <[EMAIL PROTECTED]> wrote:
> > >
> > > I am having difficulty setting up LDAP on Jetspeed2. Here are the
> > > details of my situation.
> > > 1. Using Novell NDS
> > > 2. Installed binary "Jetspeed2.0-MultiDb-install.jar"
> > > 3. Copied "security-spi-ldap-atn.xml" to
> > > "$CATALINA_HOME/webapps/jetspeed/WEB-INF/assembly"
> > > 4. Copied "security-spi-ldap.xml" to
> > > "$CATALINA_HOME/webapps/jetspeed/WEB-INF/assembly"
> > > 5. Populated "security-spi-ldap.xml" with the following LDAP settings
> > > -- Arg1 (IP Address of LDAP server) = 10.60.XX.YY
> > > -- Arg2 (LDAP Port) = 389
> > > -- Arg3 (DN suffix) - left blank
> > > -- Arg4 (Root context) = o=svcs
> > > -- Arg5 (Root DN) = cn=admin,o=svcs
> > > -- Arg6 (Root Password) = BlahBlah
> > > -- Arg7 (Users org unit) = svcs
> > > -- Arg8 (Groups Org Unit) = rcsc
> > > -- Arg9 (Roles Org Unit) - removed this due to error message while
> > > starting up
> > > 6. Removed "security-spi-atn.xml" from
> > > "$CATALINA_HOME/webapps/jetspeed/WEB-INF/assembly"
> > > 7. Installed "JXplorer_LDAP_Browser" LDAP client and was able to
> > > connect and browse around using the credentials specified above
> > > 8. Started up tomcat
> > > 9. No errors, stack traces, or messages about LDAP were found in
> > > "$CATALINA_HOME/logs/catalina.out"
> > > 10. No errors or stack traces were found in
> > > "$CATALINA_HOME/webapps/jetspeed/logs/jetspeed.log"
> > > 11. "$CATALINA_HOME/webapps/jetspeed/logs/jetspeed.log" did display
> > > the following message during startup
> > > "2006-03-09 09:33:06,792 [Main Thread] WARN
> > > org.apache.jetspeed.security.spi.impl.ldap.LdapBindingConfig - The
> > > LDAP directory should already be initialized. If this is not the
> > > case, an exception occured during initialization."
> > > 12. With browser, go to "http://~MY_HOST~:8080/jetspeed"
> > > 13. Fill in Login Portlet with user name = "admin" and password =
> > > "BlahBlah"
> > > 14. Click Login button
> > > 15. "Invalid username" message returned in Login Portlet
> > >
> > > So, does anyone have any suggestions?
> > >
> > > Thanks,
> > > David Malkin
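
Added example, not part of the thread and not Jetspeed code: the reply above says the default authentication is believed to look for users of object class j2-user, which would let a bind DN work in an LDAP browser while the portal login lookup fails. The Python check below runs over a constructed LDIF export and lists which entries carry that object class; the sample entries, the function names and the filter behaviour are assumptions.

```python
import base64

# Constructed LDIF export (not from the thread): an NDS-style admin entry and an
# entry carrying the j2-user object class. One value is base64, one is folded.
SAMPLE_LDIF = """\
dn: cn=admin,o=svcs
objectClass: inetOrgPerson
objectClass: top
cn: admin

dn: cn=portaluser,ou=svcs,o=svcs
objectClass: inetOrgPerson
objectClass:: ajItdXNlcg==
description: a fold
 ed line value
"""

def parse_ldif(text):
    """Parse LDIF into [{attr_lowercase: [values]}], unfolding lines and decoding base64."""
    unfolded = []
    for line in text.splitlines():
        if line.startswith(" ") and unfolded and unfolded[-1]:
            unfolded[-1] += line[1:]      # continuation: drop the single leading space
        else:
            unfolded.append(line)
    entries, current = [], {}
    for line in unfolded + [""]:          # trailing "" flushes the last entry
        if not line.strip():
            if current:
                entries.append(current)
                current = {}
        elif not line.startswith("#"):
            attr, _, rest = line.partition(":")
            if rest.startswith(":"):      # "attr:: <base64>"
                value = base64.b64decode(rest[1:].strip()).decode("utf-8")
            else:
                value = rest.strip()
            current.setdefault(attr.lower(), []).append(value)
    return entries

def split_by_object_class(entries, required="j2-user"):
    """Return (matching_dns, missing_dns); object class names compare case-insensitively."""
    matching, missing = [], []
    for entry in entries:
        classes = {c.lower() for c in entry.get("objectclass", [])}
        (matching if required.lower() in classes else missing).append(entry["dn"][0])
    return matching, missing

if __name__ == "__main__":
    ok, missing = split_by_object_class(parse_ldif(SAMPLE_LDIF))
    print("would match the assumed default filter:", ok)
    print("bind may work, login lookup would not:", missing)
```

Feeding it an export of the real users container shows at a glance whether an existing schema needs the customization discussed in the thread.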
