[jboss-user] [JBoss Portal] - Re: help needed in LDAP authentication in portal environ.
rammy1984
do-not-reply at jboss.com
Mon Feb 25 00:18:59 EST 2008
first of all thanks for the response for which i was waiting ,
this is the code iam using to retrieve users from the LDAP. here i try to get the usermodule reference.
UsernamePasswordHandler handler = new UsernamePasswordHandler(userName, password.toCharArray());
LoginContext loginContext = new LoginContext("portal", handler);
loginContext.login();
Subject subject = loginContext.getSubject();
System.out.println("Subject: "+subject);
Set groups = subject.getPrincipals(Group.class);
Group roles = (Group) groups.iterator().next();
UserModule module ;
module = (UserModule) new InitialContext().lookup("java:/portal/UserModule");
am i goin in a right way ? i have configured the server for authenticating against the LDAP.
i have added the entry in joss-service.xml , and in ldap_identity-config.xml.
in login-config.xml i added the following :
<!DOCTYPE policy PUBLIC
"-//JBoss//DTD JBOSS Security Config 3.0//EN"
"http://www.jboss.org/j2ee/dtd/security_config.dtd">
<!-- For the JCR CMS -->
<application-policy name="cms">
<login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
</application-policy>
<application-policy name="portal">
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.provider.url">ldap://localhost:10389/</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">cn=Directory Manager</module-option>
<module-option name="bindCredential">password</module-option>
<module-option name="baseCtxDN">ou=People,dc=example,dc=com</module-option>
<module-option name="baseFilter">(uid={0})</module-option>
<module-option name="rolesCtxDN">ou=Roles,dc=example,dc=com</module-option>
<module-option name="roleFilter">(member={1})</module-option>
<module-option name="roleAttributeID">cn</module-option>
<module-option name="roleRecursion">-1</module-option>
<module-option name="searchTimeLimit">10000</module-option>
<module-option name="searchScope">SUBTREE_SCOPE</module-option>
<module-option name="allowEmptyPasswords">false</module-option>
</login-module>
<login-module code="org.jboss.portal.identity.auth.SynchronizingLoginModule" flag="optional">
<module-option name="synchronizeIdentity">true</module-option>
<module-option name="synchronizeRoles">true</module-option>
<module-option name="additionalRole">Authenticated</module-option>
<module-option name="defaultAssignedRole">User</module-option>
<module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
<module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
<module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
<module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
</login-module>
</application-policy>
can u tell me how to retrieve users stored in LDAP?
is there anything wrong iam doing? i read the jboss docs and followed them to configure LDAP.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4131732#4131732
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4131732
More information about the jboss-user
mailing list