I sent the following to Jeffrey D. Brekke because he asked me in private
mail. I feel that the information might be useful for others, too. For
completeness, I repost my mail here:

These are the changes to TurbineResources.Properties:
---8<---
services.SecurityService.classname=org.apache.turbine.services.security.ldap.LDAPSecurityService
services.SecurityService.user.manager=org.apache.turbine.services.security.ldap.LDAPUserManager

# LDAP does not yet provide custom Group, User and Role objects so you
# must use it with the default TurbineGroup, TurbineRole and
# TurbinePermission objects.
#
# Class for User. Default: org.apache.turbine.om.security.TurbineUser
services.SecurityService.user.class=com.acme.ldap.AdLDAPUser

# Class for Group. Default: org.apache.turbine.om.security.TurbineGroup
services.SecurityService.group.class=org.apache.turbine.om.security.TurbineGroup

# Class for Role. Default: org.apache.turbine.om.security.TurbineRole
services.SecurityService.role.class=org.apache.turbine.om.security.TurbineRole

# Class for Permission. Default:
# org.apache.turbine.om.security.TurbinePermission
services.SecurityService.permission.class=org.apache.turbine.om.security.TurbinePermission

# Configuration for the LDAP Security Service implementation

services.SecurityService.ldap.security.authentication=simple
services.SecurityService.ldap.port=389
services.SecurityService.ldap.host=ad.acme.com

#
# The user name of the admin user. The admin user should be able to
# read from the LDAP repository.
# Characters '/' are replaced by '=' and '%' are replaced by ','.
#
# Default: none
#
services.SecurityService.ldap.admin.username=CN/Joe Admin%CN/Users%DC/acme%DC/com
services.SecurityService.ldap.admin.password=password

#
# The directory base to search.
# '/' are replaced by '=' and '%' are replaced by ','.
#
# Default: none
#
# services.SecurityService.ldap.basesearch=dc/example%dc/com
services.SecurityService.ldap.basesearch=CN/Users%DC/acme%DC/com

services.SecurityService.ldap.dn.attribute=distinguishedName
services.SecurityService.ldap.provider=com.sun.jndi.ldap.LdapCtxFactory

# Active Directory settings
# services.SecurityService.ldap.user.userid=userAccountControl
services.SecurityService.ldap.user.username=sAMAccountName
#services.SecurityService.ldap.user.username=cn
services.SecurityService.ldap.user.firstname=givenName
services.SecurityService.ldap.user.lastname=sn
services.SecurityService.ldap.user.email=userPrincipalName
services.SecurityService.ldap.user.password=userPassword
---8<---

A small adjustment is needed in the LDAPUser class:
---8<---
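package com.acme.ldap;

import org.apache.turbine.services.security.ldap.LDAPSecurityConstants;
import org.apache.turbine.services.security.ldap.LDAPUser;

/**
 * LDAPUser for Active Directory: the DN is built as
 * CN=<first name> <last name>,<base search DN>.
 */
public class AdLDAPUser extends LDAPUser
{
  /* (non-Javadoc)
   * @see org.apache.turbine.services.security.ldap.LDAPUser#getDN()
   */
  public String getDN()
  {
    // Base DN configured as services.SecurityService.ldap.basesearch
    String userBaseSearch = LDAPSecurityConstants.getBaseSearch();

    StringBuffer sb = new StringBuffer();

    // The name parts are appended unescaped: a name containing a DN
    // special character such as ',' or '+' yields a different DN.
    sb.append("CN=");
    sb.append(getFirstName()).append(' ').append(getLastName());
    sb.append(',').append(userBaseSearch);

    return sb.toString();
  }
}
---8<---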
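
The DN construction above, with the CN value escaped through the JDK's `javax.naming.ldap` classes, as an added example that is not part of the original mail or of Turbine. The class `AdDnBuilder` and its method names are hypothetical, and the sample names are constructed.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

/** Hypothetical helper (added example, not Turbine code). */
public class AdDnBuilder
{
  /** Decodes the notation used in the properties file: '/' becomes '=', '%' becomes ','. */
  static String decodeTurbineDn(String encoded)
  {
    return encoded.replace('/', '=').replace('%', ',');
  }

  /** Treats a missing name part as empty so it does not end up as the text "null". */
  private static String nz(String s)
  {
    return s == null ? "" : s.trim();
  }

  /** Builds CN=<first> <last>,<base>; the CN value is escaped by Rdn. */
  static String buildUserDn(String firstName, String lastName, String baseDn)
      throws InvalidNameException
  {
    String cn = (nz(firstName) + " " + nz(lastName)).trim();
    if (cn.isEmpty())
    {
      throw new InvalidNameException("empty common name");
    }
    LdapName dn = new LdapName(baseDn); // rejects a syntactically invalid base DN
    dn.add(new Rdn("CN", cn));          // appended as the most specific (leftmost) RDN
    return dn.toString();               // special characters in the value are escaped
  }

  public static void main(String[] args) throws InvalidNameException
  {
    // Constructed sample values, matching the placeholders in the configuration above.
    String base = decodeTurbineDn("CN/Users%DC/acme%DC/com");
    System.out.println(buildUserDn("Joe", "Admin", base));
    // A comma in the name stays inside the CN value instead of starting a new RDN.
    System.out.println(buildUserDn("Joe", "Admin, Jr.", base));
  }
}
```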
