[jboss-user] [JBoss Portal] - Re: LDAP Authentication & Authorization to eDirectory

bdaw do-not-reply at jboss.com
Wed May 23 16:25:56 EDT 2007 

a lot of questions in your posts :)

... lets start from the beginning. I'm sure that the issue with disabled account should be resolved in newest sources. Did you flush the database content? Please try to redeploy portal from the newest sources, start with clean database, and let me know if you have still issues.

To have admin account portal needs to resolve account 'admin' with role 'Admin'. So I beleive that if you change 'Administrators' to 'Admin' in your LDAP you should get proper privilages.

You can workaround this by uncommenting following lines in login-config.xml:

anonymous wrote : 
  | <login-module code = "org.jboss.portal.identity.auth.DBIdentityLoginModule" flag="sufficient">
  |             <module-option name="dsJndiName">java:/PortalDS</module-option>
  |             <module-option name="principalsQuery">SELECT jbp_password FROM jbp_users WHERE jbp_uname=?</module-option>
  |             <module-option name="rolesQuery">SELECT jbp_roles.jbp_name, 'Roles' FROM  jbp_role_membership INNER JOIN jbp_roles ON jbp_role_membership.jbp_rid = jbp_roles.jbp_rid INNER JOIN jbp_users ON jbp_role_membership.jbp_uid = jbp_users.jbp_uid WHERE jbp_users.jbp_uname=?</module-option>
  |             <module-option name="hashAlgorithm">MD5</module-option>
  |             <module-option name="hashEncoding">HEX</module-option>
  |             <module-option name="additionalRole">Authenticated</module-option>
  |          </login-module>
  | 

and remove admin account from your LDAP. This will enable portal to use built in 'admin' account from the database. Please look at "Authentication and Authorization' chapter in latest 2.6 Reference Guide to learn more about this configuration.

If you update to latest portal sources:
svn co http://anonsvn.jboss.org/repos/portal/trunk/ jboss-portal-2.6 

Then you can edit those configuration files directly in:
portal-sources/core/src/resources/portal-core-sar/ ...

then simply set JBOSS_HOME env and deploy whole using

portal-sources/build/build.sh deploy-all

I hope this will help you to avoid unpacking the jars :)

If you have issues with 'seeAlso' attribute just remove related  'ldap' mapping from profile-config.xml file.


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4048050#4048050

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4048050

More information about the jboss-user mailing list