[jboss-user] [JBoss Portal] - Portal and using openxchange ldap for users
Veroland
do-not-reply at jboss.com
Fri Oct 19 03:24:42 EDT 2007
Hi All
First off, I am using
Portal 2.6.2
JBoss AS 4.2.1 GA
I have changed portal to authenticate using my OpenLDAP directory. Users can authenticate with no problem; however, I cannot seem to pick up the admin user from the Admin role.
I have created a Role called Admin in my ldap server.
I am getting no errors and am stuck.
My ldap_identity_config.xml file looks like this at the moment:
| <?xml version="1.0" encoding="UTF-8"?>
| <!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ~ JBoss, a division of Red Hat ~
| ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
| ~ contributors as indicated by the @authors tag. See the ~
| ~ copyright.txt in the distribution for a full listing of ~
| ~ individual contributors. ~
| ~ ~
| ~ This is free software; you can redistribute it and/or modify it ~
| ~ under the terms of the GNU Lesser General Public License as ~
| ~ published by the Free Software Foundation; either version 2.1 of ~
| ~ the License, or (at your option) any later version. ~
| ~ ~
| ~ This software is distributed in the hope that it will be useful, ~
| ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
| ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
| ~ Lesser General Public License for more details. ~
| ~ ~
| ~ You should have received a copy of the GNU Lesser General Public ~
| ~ License along with this software; if not, write to the Free ~
| ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
| ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
|
| <!--<!DOCTYPE identity-configuration PUBLIC
| "-//JBoss Portal//DTD JBoss Identity Configuration 1.0//EN"
| "http://www.jboss.org/portal/dtd/identity-config_1_0.dtd">-->
|
| <identity-configuration>
| <datasources>
| <datasource>
| <name>LDAP</name>
| <config>
| <option>
| <name>host</name>
| <value>192.168.0.2</value>
| </option>
| <option>
| <name>port</name>
| <value>389</value>
| </option>
| <option>
| <name>adminDN</name>
| <value>
| uid=xxxx,ou=people,dc=symbiotics,dc=co,dc=za
| </value>
| </option>
| <option>
| <name>adminPassword</name>
| <value>xxxx</value>
| </option>
| <!--<option>
| <name>protocol</name>
| <value>ssl</value>
| </option>-->
| </config>
| </datasource>
| </datasources>
| <modules>
|
| <module>
| <!--type used to correctly map in IdentityContext registry-->
| <type>User</type>
| <implementation>LDAP</implementation>
| <config />
| </module>
| <module>
| <type>Role</type>
| <implementation>LDAP</implementation>
| <config />
| </module>
| <module>
| <type>Membership</type>
| <implementation>LDAP</implementation>
| <config />
| </module>
| <module>
| <type>UserProfile</type>
| <implementation>DELEGATING</implementation>
| <config>
| <option>
| <name>ldapModuleJNDIName</name>
| <value>java:/portal/LDAPUserProfileModule</value>
| </option>
| </config>
| </module>
| <module>
| <type>DBDelegateUserProfile</type>
| <implementation>DB</implementation>
| <config>
| <option>
| <name>randomSynchronizePassword</name>
| <value>true</value>
| </option>
| </config>
| </module>
| <module>
| <type>LDAPDelegateUserProfile</type>
| <implementation>LDAP</implementation>
| <config />
| </module>
| </modules>
|
| <options>
|
| <option-group>
| <group-name>common</group-name>
| <option>
| <name>userCtxDN</name>
| <value>ou=people,dc=symbiotics,dc=co,dc=za</value>
| </option>
| <option>
| <name>roleCtxDN</name>
| <value>
| ou=Roles,o=Portal,dc=symbiotics,dc=co,dc=za
| </value>
| </option>
| </option-group>
|
|
| </options>
|
|
| <option-group>
| <group-name>userCreateAttibutes</group-name>
| <option>
| <name>objectClass</name>
| <!--This objectclasses should work with Red Hat Directory-->
| <value>top</value>
| <value>person</value>
| <value>inetOrgPerson</value>
| </option>
| <!--Schema requires those to have initial value-->
| <option>
| <name>cn</name>
| <value>none</value>
| </option>
| <option>
| <name>sn</name>
| <value>none</value>
| </option>
| </option-group>
| <option-group>
| <group-name>roleCreateAttibutes</group-name>
| <!--Schema requires those to have initial value-->
| <option>
| <name>cn</name>
| <value>none</value>
| </option>
| <!--Some directory servers require this attribute to be valid DN-->
| <!--For safety reasons point to the admin user here-->
| <option>
| <name>member</name>
| <value>uid=admin,ou=people,dc=symbiotics,dc=co,dc=za</value>
| </option>
| </option-group>
|
|
| </identity-configuration>
|
An extract of my LDIF looks like this:
| dn: ou=people, dc=symbiotics,dc=co,dc=za
| ou: people
| objectClass: top
| objectClass: organizationalUnit
|
|
| dn: uid=admin, ou=people, dc=symbiotics,dc=co,dc=za
| preferredLanguage: EN
| userCountry: US
| objectClass: top
| objectClass: shadowAccount
| objectClass: posixAccount
| objectClass: person
| objectClass: inetOrgPerson
| objectClass: OXUserObject
| objectClass: organizationalPerson
| lnetMailAccess: OK
| imapServer: 127.0.0.1
| userPassword:: e1NIQX0wRFBpS3VOSXJyVm1EOElVQ3V3MWhReE5xWmM9
| OXAppointmentDays: 5
| smtpServer: 127.0.0.1
| uid: admin
| mail: admin at symbiotics.co.za
| uidNumber: 1008
| cn: admin
| colocRouteAddr: admin at localhost
| loginShell: /bin/false
| alias: admin at symbiotics.co.za
| gidNumber: 1100
| o: symbiotics
| mailDomain: symbiotics.co.za
| OXTaskDays: 5
| homeDirectory: /home/admin
| sn: admin
| OXTimeZone: America/New_York
| mailEnabled: OK
|
| dn: ou=addr,uid=admin, ou=people, dc=symbiotics,dc=co,dc=za
| ou: addr
| objectClass: top
| objectClass: organizationalUnit
|
|
| dn: o=Portal, dc=symbiotics,dc=co,dc=za
| objectClass: top
| objectClass: organization
| o: Portal
|
| dn: ou=Roles, o=Portal, dc=symbiotics,dc=co,dc=za
| ou: Roles
| objectClass: top
| objectClass: organizationalUnit
|
| dn: cn=Admin,ou=Roles, o=Portal, dc=symbiotics,dc=co,dc=za
| objectClass: top
| objectClass: groupOfNames
| description: Admin
| member: uid=admin,ou=people,dc=symbiotics,dc=co,dc=za
| cn: Admin
|
|
I have no idea what I have checked the default-object.xml and the viewrecursive still points to Admin.
Any help will be greatly appreciated.
Thanks
Marius
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4096837#4096837