Hi,
I'd like to configure roller 4.0 to authenticate users against LDAP. I
would prefer to avoid also installing CAS at this time.
I'm running on glassfish v2ur1. I've edited my domain's
/generated/xml/j2ee-modules/roller/WEB-INF/security.xml as shown below.
I've put acegi-security-1.0.3.jar into my domain's /lib directory.
I can log into roller, but nothing is happening via LDAP. My LDAP
server logs no connection. I can register a new user, but logging in
only works if I use their database password, not their LDAP password.
??
TIA
-
Ron Peterson
Network & Systems Manager
Mount Holyoke College
-
<!-- Authentication manager: the providers listed here are consulted by
     Acegi's ProviderManager in the order given; the first one that accepts
     the submitted credentials authenticates the login. -->
<bean id="authenticationManager"
class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<!-- LDAP bind provider, defined later in this file. -->
<ref local="ldapAuthProvider"/>
<!-- Defined outside this excerpt; presumably the database-backed provider.
     While it stays in the list, a user's locally stored password remains a
     valid credential next to the LDAP one. Remove it if the directory is
     meant to be the only password source. -->
<ref local="daoAuthenticationProvider"/>
<!-- Defined outside this excerpt. -->
<ref local="anonymousAuthenticationProvider"/>
</list>
</property>
</bean>
<!-- Directory connection settings shared by the user search and the bind
     authenticator below. -->
<bean id="initialDirContextFactory"
class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
<!-- Provider URL with the base DN appended; DNs used by the other beans are
     taken relative to that base (verify against the Acegi version in use).
     NOTE(review): the ldap:// scheme carries no transport encryption, so the
     manager password and every user's password in a simple bind cross the
     network in cleartext. Prefer ldaps:// (or an otherwise protected link)
     and make sure the server certificate is trusted by the JVM. -->
<constructor-arg
value="ldap://my.server/ou=mycontainer,dc=mtholyoke,dc=edu"/>
<!-- Service account used for directory lookups. Give it read-only access
     limited to the attributes the search needs. -->
<property
name="managerDn"><value>cn=proxyuser,dc=mtholyoke,dc=edu</value></property>
<!-- Stored in plaintext in this file: restrict read access to the
     application-server account and keep the real value out of shared copies
     of the configuration. -->
<property name="managerPassword"><value>xyz</value></property>
</bean>
<!-- Filter-based lookup of a user entry by login name.
     NOTE(review): no bean in this excerpt references ldapUserSearch; the
     BindAuthenticator below sets only userDnPatterns, so this search is not
     used unless it is wired in through the authenticator's userSearch
     property. -->
<bean id="ldapUserSearch"
class="org.acegisecurity.ldap.search.FilterBasedLdapUserSearch">
<!-- Arg 0: search base; empty here, so presumably the base DN from the
     context factory URL is searched (confirm). -->
<constructor-arg index="0"><value></value></constructor-arg>
<!-- Arg 1: search filter; {0} is the placeholder for the submitted login
     name. -->
<constructor-arg index="1"><value>(cn={0})</value></constructor-arg>
<!-- Arg 2: the connection factory defined in this file. -->
<constructor-arg index="2"><ref local="initialDirContextFactory"
/></constructor-arg>
<!-- Search the whole subtree below the base rather than one level. -->
<property name="searchSubtree"><value>true</value></property>
</bean>
<!-- LDAP authentication provider: verifies a login by binding to the
     directory as the user with the submitted password.
     NOTE(review): only one constructor argument (the authenticator) is
     given and no authorities populator appears in this excerpt. Confirm that
     the Acegi version in use accepts this form and where the user's roles
     come from. -->
<bean id="ldapAuthProvider"
class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
<constructor-arg>
<!-- NOTE(review): confirm that an empty password is rejected before the
     bind is attempted; some directory servers treat a simple bind with an
     empty password as an anonymous bind and report success. -->
<bean
class="org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
<constructor-arg>
<ref local="initialDirContextFactory"/>
</constructor-arg>
<!-- The user DN is built from this pattern with {0} replaced by the login
     name, presumably relative to the base DN in the context factory URL.
     Only entries directly under that base match; users in deeper
     containers need a userSearch instead. -->
<property name="userDnPatterns">
<list>
<value>cn={0}</value>
</list>
</property>
</bean>
</constructor-arg>
</bean>