List: jboss-user
Subject: [jboss-user] Configuring the application policy in login-config.xml
From: "Fernandes Celinio" <cfernandes () sopragroup ! com>
Date: 2009-12-22 10:30:25
Message-ID: 31244_1261477830_4B309FC6_31244_930074_1_B4AC254DCE906D488333FD39FCD5DD628F0761 () WBE01 ! ptx ! fr ! sopra
Hi,
I am using JBoss AS 5.1.0 GA and Apache Directory Server.
Can anyone tell me what lines to put in the application policy
configuration of my login-config.xml file
for the following LDIF file that I imported in Apache Directory Server ?
This LDIF file defines 3 users and 2 roles :
uid : system userPassword: manager Roles: admin
uid : user1 userPassword: p1 Roles: guest
uid : user2 userPassword: p2 Roles: admin
Here is the LDIF file that I imported with success in Apache DS :
# User: system
dn: uid=system,ou=users,ou=system
cn: John Doe
sn: Doe
givenname: John
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Las Vegas
uid: system
mail: system@apachecon.comm
telephonenumber: +1 408 555 5555
facsimiletelephonenumber: +1 408 555 5556
roomnumber: 4613
userPassword: manager

# User: user1
dn: uid=user1,ou=users,ou=system
cn: User
sn: One
givenname: User1
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Las Vegas
uid: user1
mail: user1@apachecon.comm
telephonenumber: +1 408 555 5555
facsimiletelephonenumber: +1 408 555 5556
roomnumber: 4613
userPassword: p1

# User: user2
dn: uid=user2,ou=users,ou=system
cn: User
sn: Two
givenname: User2
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
ou: Human Resources
ou: People
l: Las Vegas
uid: user2
mail: user2@apachecon.comm
telephonenumber: +1 408 555 5555
facsimiletelephonenumber: +1 408 555 5556
roomnumber: 4613
userPassword: p2

# Group: admin
dn: cn=admin,ou=groups,ou=system
objectClass: groupOfUniqueNames
uniqueMember: uid=system,ou=users,ou=system
uniqueMember: uid=user2,ou=users,ou=system
cn: admin

# Group: guest
dn: cn=guest,ou=groups,ou=system
objectClass: groupOfUniqueNames
uniqueMember: uid=user1,ou=users,ou=system
cn: guest

I have tried the following application policy in my login-config.xml
file but it does not work :
<application-policy name="my_domaine_LDAP">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
      <module-option name="java.naming.provider.url">ldap://localhost:10389</module-option>
      <module-option name="java.naming.security.authentication">simple</module-option>
      <module-option name="bindDN">uid=system,ou=system</module-option>
      <module-option name="bindCredential">manager</module-option>
      <module-option name="baseCtxDN">cn=admin,ou=groups,ou=system</module-option>
      <module-option name="baseFilter">(uid={0})</module-option>
      <module-option name="rolesCtxDN">ou=Roles,dc=example,dc=com</module-option>
      <module-option name="roleFilter">(member={1})</module-option>
      <module-option name="roleAttributeID">cn</module-option>
      <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
      <module-option name="allowEmptyPasswords">true</module-option>
    </login-module>
  </authentication>
</application-policy>
Being not too familiar with LDAP, I am not too sure about certain
options, like bindCredential, bindDN, baseCtxDN ...
Can someone please help me with the configuration of this application
policy ?
Thanks in advance.
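
Added example, not part of the original post and not JBoss code: a Python cross-check of the policy's search options against the imported entries, which is the first thing to verify when an LdapExtLoginModule policy does not authenticate. LDIF is a constructed, trimmed copy of the post's entries, POLICY holds the post's option values, and the function names are hypothetical; it assumes baseCtxDN and rolesCtxDN are the search bases for the user and role lookups.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: LDIF trimmed from the post; POLICY holds the post's option values.
LDIF = """dn: uid=system,ou=users,ou=system
uid: system

dn: uid=user1,ou=users,ou=system
uid: user1

dn: cn=admin,ou=groups,ou=system
uniqueMember: uid=system,ou=users,ou=system"""
POLICY = """<login-module>
<module-option name="bindDN">uid=system,ou=system</module-option>
<module-option name="baseCtxDN">cn=admin,ou=groups,ou=system</module-option>
<module-option name="baseFilter">(uid={0})</module-option>
<module-option name="rolesCtxDN">ou=Roles,dc=example,dc=com</module-option>
<module-option name="roleFilter">(member={1})</module-option>
<module-option name="allowEmptyPasswords">true</module-option>
</login-module>"""

def parse_ldif(text):
    """Return {dn: set of attribute names}, both lower-cased, for unfolded LDIF."""
    entries = {}
    for block in text.strip().split("\n\n"):
        pairs = [l.partition(":") for l in block.splitlines() if not l.startswith("#")]
        dn = next(v.strip().lower() for k, _, v in pairs if k.lower() == "dn")
        entries[dn] = {k.strip().lower() for k, _, v in pairs}
    return entries

def one_level(entries, base):
    """Attribute sets of entries directly below base (the post uses ONELEVEL_SCOPE)."""
    tail = "," + base.lower()
    return [a for dn, a in entries.items() if dn.endswith(tail) and "," not in dn[:-len(tail)]]

def audit(policy_xml, ldif):
    """List the options that match nothing in the LDIF, or that weaken authentication."""
    opts = {o.get("name"): o.text for o in ET.fromstring(policy_xml).iter("module-option")}
    entries, findings = parse_ldif(ldif), []
    if opts["bindDN"].lower() not in entries:
        findings.append("bindDN")  # no entry with this DN was imported
    for ctx, flt in (("baseCtxDN", "baseFilter"), ("rolesCtxDN", "roleFilter")):
        attr = re.match(r"\((\w+)=", opts[flt]).group(1).lower()
        if not any(attr in a for a in one_level(entries, opts[ctx])):
            findings.append(ctx + "/" + flt)  # nothing below ctx has the filter's attribute
    if opts.get("allowEmptyPasswords") == "true":
        findings.append("allowEmptyPasswords")  # empty passwords are passed to the server
    return findings

if __name__ == "__main__":
    print(audit(POLICY, LDIF))
```

A bindDN finding only means the DN is not among the imported entries; it may still exist elsewhere in the directory. With allowEmptyPasswords set to true an empty password is handed to the LDAP server, which some servers treat as an anonymous bind.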