[jboss-user] [JBossWS] - Re: How to configure <application-policy name=

joncmuniz do-not-reply at jboss.com
Wed Apr 15 09:56:11 EDT 2009 

It's very very easy!!!!!!!!!!!!!

  |   <!--
  |       A template configuration for the JBossWS security domain.
  |       This defaults to the UsersRolesLoginModule the same as other and should be
  |       changed to a stronger authentication mechanism as required.
  |     
  |     <application-policy name="JBossWS">
  |       <authentication>
  |         <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
  |           flag="required">
  |           <module-option name="usersProperties">props/jbossws-users.properties</module-option>
  |           <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
  |           <module-option name="unauthenticatedIdentity">anonymous</module-option>
  |         </login-module>
  |       </authentication>
  |     </application-policy>
  | -->
  | 
CHANGE FOR THIS ----------

  | <application-policy name="JBossWS">
  |     <authentication>
  |         <login-module code="org.jboss.security.auth.spi.LdapLoginModule"
  |                       flag="required">
  |             <module-option name="java.naming.factory.initial">
  |                 com.sun.jndi.ldap.LdapCtxFactory
  |             </module-option>
  |             <module-option name="java.naming.provider.url">
  |                 ldap://YOUR IP:PORT LDAP/
  |             </module-option>
  |             <module-option name="java.naming.security.authentication">
  |                 simple
  |             </module-option>
  |             <module-option name="principalDNPrefix">uid=</module-option>
  |             <module-option name="principalDNSuffix">
  |                 ,ou=users,dc=cds,dc=com
  |             </module-option>
  | 
  |             <module-option name="rolesCtxDN">
  |                 ou=groups,dc=cds,dc=com
  |             </module-option>
  |             <module-option name="uidAttributeID">member</module-option>
  |             <module-option name="matchOnUserDN">true</module-option>
  | 
  |             <module-option name="roleAttributeID">cn</module-option>
  |             <module-option name="roleAttributeIsDN">false </module-option>
  |         </login-module>
  |     </authentication>
  | </application-policy>    
  | 

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4225646#4225646

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4225646

More information about the jboss-user mailing list