[jboss-user] [JBoss Portal] - Re: How to get Ldap informations?
rammyramkumar
do-not-reply at jboss.com
Sat May 24 06:40:21 EDT 2008
Hi,
this is my configuration in the login-config.xml file. It is working for me. Maybe it will be of some help to you.
<!DOCTYPE policy PUBLIC
"-//JBoss//DTD JBOSS Security Config 3.0//EN"
"http://www.jboss.org/j2ee/dtd/security_config.dtd">
<!-- Security domain "cms", used by the JCR content repository (CMS). -->
<application-policy name="cms">
  <!-- NOTE(review): as far as I know, Jackrabbit's SimpleLoginModule does not verify
       passwords, so this domain depends on the caller having been authenticated
       elsewhere. Confirm the repository login is not reachable by untrusted clients. -->
  <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule"
                flag="required"/>
</application-policy>
<!-- Security domain "portal": authenticates portal logins against LDAP, then
     synchronizes the user and roles into the portal identity store.
     NOTE(review): this listing is an excerpt. In a complete login-config.xml the
     application-policy elements sit under a single root element; check the element
     nesting against the DTD named in the DOCTYPE before copying this. -->
<application-policy name="portal">

  <!-- Step 1 (required): bind to the directory, locate the user entry, verify the
       password and collect roles. -->
  <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
    <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>

    <!-- Plain ldap:// with "simple" authentication sends the bind DN and every user
         password unencrypted. That exposure is limited while the directory is on
         localhost as here; if this URL is pointed at a remote host, switch to an
         ldaps:// endpoint so credentials are not sent in the clear. -->
    <module-option name="java.naming.provider.url">ldap://localhost:10389/</module-option>
    <module-option name="java.naming.security.authentication">simple</module-option>

    <!-- Account used for the user and role searches.
         NOTE(review): "cn=Directory Manager" looks like the directory's administrative
         account. A dedicated service account with read-only access to the People and
         Roles subtrees is sufficient for these searches and limits the damage if this
         file is disclosed. -->
    <module-option name="bindDN">cn=Directory Manager</module-option>

    <!-- The bind password is stored here in clear text (the value shown is a
         placeholder from the post). Restrict read access to this file, keep the real
         value out of version control, and consider the module's jaasSecurityDomain
         option to store it encrypted (confirm availability in your JBoss version). -->
    <module-option name="bindCredential">password</module-option>

    <!-- User search: {0} is replaced with the login name typed by the user. -->
    <module-option name="baseCtxDN">ou=People,dc=example,dc=com</module-option>
    <module-option name="baseFilter">(uid={0})</module-option>

    <!-- Role search: {1} is replaced with the DN of the authenticated user; the role
         name is read from the "cn" attribute of each matching entry. -->
    <module-option name="rolesCtxDN">ou=Roles,dc=example,dc=com</module-option>
    <module-option name="roleFilter">(member={1})</module-option>
    <module-option name="roleAttributeID">cn</module-option>

    <!-- NOTE(review): the module documentation describes 0 as "no recursion"; confirm
         what a negative value does in the deployed version. -->
    <module-option name="roleRecursion">-1</module-option>

    <module-option name="searchTimeLimit">10000</module-option>
    <module-option name="searchScope">SUBTREE_SCOPE</module-option>

    <!-- Keep this "false": many LDAP servers treat a simple bind with an empty
         password as an anonymous bind and report success, which would let anyone
         log in as any known user name. -->
    <module-option name="allowEmptyPasswords">false</module-option>
  </login-module>

  <!-- Step 2 (optional): copy the authenticated user and roles into the portal's own
       identity modules. Because the flag is "optional", a failure here does not fail
       the login. -->
  <login-module code="org.jboss.portal.identity.auth.SynchronizingLoginModule" flag="optional">
    <module-option name="synchronizeIdentity">true</module-option>
    <module-option name="synchronizeRoles">true</module-option>

    <!-- NOTE(review): with these two options every account that can authenticate
         under baseCtxDN presumably ends up with the "Authenticated" and "User" portal
         roles; make sure the search base covers only the intended population. -->
    <module-option name="additionalRole">Authenticated</module-option>
    <module-option name="defaultAssignedRole">User</module-option>

    <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
    <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
    <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
    <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
  </login-module>
</application-policy>
This will enable you to authenticate against LDAP using the JBoss Portal login.
The code on my side is:
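/**
 * Looks up the four JBoss Portal identity modules in JNDI and returns them in a map
 * keyed by the User.* constants.
 *
 * The lookup is skipped when the checkConfig field (declared outside this snippet)
 * equals "true", ignoring case. A null checkConfig still raises a
 * NullPointerException.
 *
 * NOTE(review): the returned modules are the portal's identity services. Callers
 * presumably can read, and possibly modify, users, roles and memberships through
 * them, so an authorization check belongs in front of any code path that hands this
 * map to request-driven logic.
 *
 * @return Map of Identity Modules, or null when the lookup is skipped or any lookup
 *         or cast fails (the exception is printed, not rethrown)
 */
public Map<String,Object> getLDAPModules()
{
    if (checkConfig.equalsIgnoreCase("true"))
    {
        return null;
    }

    InitialContext ctx = null;
    try
    {
        // One context serves all four lookups, instead of four that are never closed.
        ctx = new InitialContext();

        UserModule usermodule = (UserModule) ctx.lookup("java:/portal/UserModule");
        RoleModule roleModule = (RoleModule) ctx.lookup("java:/portal/RoleModule");
        UserProfileModule userProfileModule = (UserProfileModule) ctx.lookup("java:/portal/UserProfileModule");
        MembershipModule membershipModule = (MembershipModule) ctx.lookup("java:/portal/MembershipModule");

        // Fill the map only after every lookup succeeded, so a partial result is never returned.
        Map<String,Object> modulesMap = new HashMap<String,Object>();
        modulesMap.put(User.USER_MODULE, usermodule);
        modulesMap.put(User.ROLE_MODULE, roleModule);
        modulesMap.put(User.USER_PROFILE_MODULE, userProfileModule);
        modulesMap.put(User.MEMBERSHIP_MODULE, membershipModule);
        return modulesMap;
    }
    catch (Exception e)
    {
        // Covers NamingException as well as cast failures. Both were handled the same
        // way before: print the trace and fall through to a null result.
        e.printStackTrace();
        return null;
    }
    finally
    {
        if (ctx != null)
        {
            try
            {
                ctx.close();
            }
            catch (NamingException ignored)
            {
                // Nothing useful to do if releasing the context fails.
            }
        }
    }
}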
// This fetches the identity modules; with them you can get the necessary details from LDAP using the methods available in each module.
Good Luck...happy coding
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4153156#4153156