[jboss-user] [JBoss Portal] - Re: JBoss Portal LDAP Setup
doranen
do-not-reply at jboss.com
Wed Oct 31 14:53:24 EDT 2007
"bdaw" wrote : I recently added SynchronizingLdapLoginModule that extends LdapLoginModule from JBossSX and SynchronizingLdapExtLoginModule that does the same for LdapExtLoginModule You can use them to
| - just authenticate against LDAP + inject additional role principal which is used to secure portal application
| - authenticate against LDAP + synchronize ldap user into portal DB
| - authenticate against LDAP + synchronize ldap user into portal DB + assign such user to specified portal role
| - authenticate against LDAP + synchronize ldap user into portal DB + assign such user to specified portal role + try to synchronize all the roles obtained for such user from LDAP into portal DB
| ...
| You need to remember that it's hard to decouple users and roles because of relationship. So you can't just keep users in LDAP and roles in DB.
| ...
|
|
Hi bdaw,
Like dhartford, I need to use the LDAP for authentiation (username/password) only and not store any role information there. It seems like from your Use Case #1 that this is possible by just authenticating and then synchronizing users/new roles to DB, but I am confused as to what to use for my config settings in jboss-service.xml, login.config-xml, as well as identity-config.xml. Which login modules should I use and what options should I set? I am just using a test LDAP (OpenDS) for getting the proof of concept. Thanks for any advice you can give.
JBoss Portal Version : 2.6.2 Bundled
Downloaded Portal, not from CVS
JBoss AS Version: 4.2.1
Database Vendor and Version: MySQL
JDBC Connector and Version: MySQL connector/J 5.1
OS Platform: Windows XP Pro
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4100817#4100817
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4100817
More information about the jboss-user
mailing list