[prev in list] [next in list] [prev in thread] [next in thread] 

List:       jboss-user
Subject:    [jboss-user] [jBPM] - Re: LDAP UserGroupCallback with bind credentials
From:       Hung Phan <do-not-reply () jboss ! com>
Date:       2013-01-30 13:03:03
Message-ID: 2-793333-3-123320-1358794080974-2-795126-3-123787-1359550977958.jivesbs.jivemailuser () https://community ! jboss ! org
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hung Phan [https://community.jboss.org/people/phan] created the discussion

"Re: LDAP UserGroupCallback with bind credentials"

To view the discussion, visit: https://community.jboss.org/message/795126#795126

--------------------------------------------------------------
Have you tried using the 'java.naming.security.principal' and \
'java.naming.security.credentials' in your properties file?   They worked for me \
(thank you for the hints).   

Also, what is the correct configurations to get just the CN for a user's groups (e.g. \
just 'user', or 'admin') into the task.OrganizationalEntity table?   Below is a \
section of my current configuration, which results ininserting the entire string \
                'CN=admin,CN=Users,DC=...' as the 'Group' id.   Thanks in advance.
-------------
# Filter that will be used to search for user information,
# usually will contain substitution keys {0} to be replaced with parameters
# (mandatory)
ldap.user.filter=(sAMAccountName\={0})

# Attribute name of the user id in Active Directory
ldap.user.attr.id=sAMAccountName

# Filter that will be used to search for group/role information,
# usually will contain substitution keys {0} to be replaced with parameters
# (mandatory)
ldap.role.filter=(sAMAccountName\={0})

# Filter that will be used to search for user group/role membership information,
# usually will contain substitution keys {0} to be replaced with parameters
# (mandatory)
ldap.user.roles.filter=(sAMAccountName\={0})

# Attribute name of the group/role id in Active Directory
# (optional, if not given 'cn' will be used)
ldap.roles.attr.id=memberOf

# User id a DN, instructs the callback to query for user DN
# before searching for roles (optional, default false)
ldap.user.id.dn=true
-------------------
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/795126#795126]

Start a new discussion in jBPM at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2034]



[Attachment #5 (text/html)]

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<body link="#355491" alink="#4262a1" vlink="#355491" style="background: #e2e2e2; \
margin: 0; padding: 20px;">

<div>
	<table cellpadding="0" bgcolor="#FFFFFF" border="0" cellspacing="0" style="border: \
1px solid #dadada; margin-bottom: 30px; width: 100%; -moz-border-radius: 6px; \
-webkit-border-radius: 6px;">  <tbody>
			<tr>

				<td>

					<table border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" \
style="border: solid 2px #ccc; background: #dadada; width: 100%; -moz-border-radius: \
6px; -webkit-border-radius: 6px;">  <tbody>
							<tr>
								<td bgcolor="#000000" valign="middle" height="58px" style="border-bottom: 1px \
solid #ccc; padding: 20px; -moz-border-radius-topleft: 3px; \
-moz-border-radius-topright: 3px; -webkit-border-top-right-radius: 5px; \
                -webkit-border-top-left-radius: 5px;">
									<h1 style="color: #333333; font: bold 22px Arial, Helvetica, sans-serif; \
                margin: 0; display: block !important;">
									<!-- To have a header image/logo replace the name below with your img tag \
                -->
									<!-- Email clients will render the images when the message is read so any \
                image -->
									<!-- must be made available on a public server, so that all recipients can \
                load the image. -->
									<a href="https://community.jboss.org/index.jspa" style="text-decoration: \
none; color: #E1E1E1">JBoss Community</a></h1>  </td>

							</tr>
							<tr>
								<td bgcolor="#FFFFFF" style="font: normal 12px Arial, Helvetica, sans-serif; \
color:#333333; padding: 20px;  -moz-border-radius-bottomleft: 4px; \
-moz-border-radius-bottomright: 4px; -webkit-border-bottom-right-radius: 5px; \
-webkit-border-bottom-left-radius: 5px;"><h3 style="margin: 10px 0 5px; font-size: \
17px; font-weight: normal;">  Re: LDAP UserGroupCallback with bind credentials
</h3>
<span style="margin-bottom: 10px;">
    created by <a href="https://community.jboss.org/people/phan">Hung Phan</a> in \
<i>jBPM</i> - <a href="https://community.jboss.org/message/795126#795126">View the \
full discussion</a> </span>
<hr style="margin: 20px 0; border: none; background-color: #dadada; height: 1px;">

<div class="jive-rendered-content"><p>Have you tried using the \
'java.naming.security.principal' and 'java.naming.security.credentials' in your \
properties file?&#160; They worked for me (thank you for the hints).&#160; </p><p \
style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p>Also, what is the \
correct configurations to get just the CN for a user's groups (e.g. just 'user', or \
'admin') into the task.OrganizationalEntity table?&#160; Below is a section of my \
current configuration, which results ininserting the entire string \
'CN=admin,CN=Users,DC=...' as the 'Group' id.&#160; Thanks in \
advance.</p><p>-------------</p><p># Filter that will be used to search for user \
information,</p><p># usually will contain substitution keys {0} to be replaced with \
parameters</p><p># (mandatory)</p><p>ldap.user.filter=(sAMAccountName\={0})</p><p \
style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p># Attribute name of \
the user id in Active Directory</p><p>ldap.user.attr.id=sAMAccountName</p><p \
style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p># Filter that will \
be used to search for group/role information,</p><p># usually will contain \
substitution keys {0} to be replaced with parameters</p><p># \
(mandatory)</p><p>ldap.role.filter=(sAMAccountName\={0})</p><p style="min-height: \
8pt; height: 8pt; padding: 0px;">&#160;</p><p># Filter that will be used to search \
for user group/role membership information,</p><p># usually will contain substitution \
keys {0} to be replaced with parameters</p><p># \
(mandatory)</p><p>ldap.user.roles.filter=(sAMAccountName\={0})</p><p \
style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p># Attribute name of \
the group/role id in Active Directory</p><p># (optional, if not given 'cn' will be \
used)</p><p>ldap.roles.attr.id=memberOf</p><p style="min-height: 8pt; height: 8pt; \
padding: 0px;">&#160;</p><p># User id a DN, instructs the callback to query for user \
DN</p><p># before searching for roles (optional, default \
false)</p><p>ldap.user.id.dn=true</p><p>-------------------</p></div>

<div style="background-color: #f4f4f4; padding: 10px; margin-top: 20px;">
    <p style="margin: 0;">Reply to this message by <a \
href="https://community.jboss.org/message/795126#795126">going to Community</a></p>  \
<p style="margin: 0;">Start a new discussion in jBPM at <a \
href="https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2034">Community</a></p>
 </div></td>
                        </tr>
                    </tbody>
                </table>


                </td>
            </tr>
        </tbody>
    </table>

</div>

</body>
</html>



_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic