
Re: Ldap configuration

created by Moises Jardim Pinheiro in JBoss AS 7 Development - View the full discussion

I got it working :-)

 

This article was helpful http://middlewaremagic.com/jboss/?p=378

 

The JBoss version tested was jboss-as-7.1.1.Final.

 

In web.xml I put * in the role-name tag to grant access to all groups.

 

<security-role>
                    <!-- Wildcard role: per the accompanying text this is meant to admit every
                         group, so any user who authenticates gets in regardless of group
                         membership. List the specific role names instead if only some groups
                         should have access.
                         NOTE(review): the auth-constraint that references this role is not
                         shown here; confirm how the wildcard is matched there. -->

                    <role-name>*</role-name>

          </security-role>

 

And in the auth-method tag I put BASIC (the browser's own username/password dialog) instead of FORM.

 

<login-config>
                    <!-- BASIC makes the browser prompt for the username/password and resend
                         them, only base64-encoded, with every request. Serve the protected URLs
                         over HTTPS (a user-data-constraint with transport-guarantee CONFIDENTIAL)
                         so the directory password is not readable on the wire. -->

                    <auth-method>BASIC</auth-method>

          </login-config>

 

In standalone.xml

 

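<subsystem xmlns="urn:jboss:domain:security:1.1">
    <security-domains>
        <!-- NOTE(review): code="Disabled" presumably rejects every login for the
             default "other" domain; confirm against the server documentation. -->
        <security-domain name="other" cache-type="default">
            <authentication>
                <login-module code="Disabled" flag="required"/>
            </authentication>
        </security-domain>

        <!-- LDAP-backed domain: users are authenticated by LdapExtLoginModule, then
             their roles are optionally extended by RoleMappingLoginModule. -->
        <security-domain name="test_ldap_security_domain">
            <authentication>
                <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
                    <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
                    <!-- ldap:// on port 389 is unencrypted: the bind credential below and every
                         user's password cross the network in clear text. Prefer an ldaps:// URL
                         (with the directory's CA trusted by the JVM) where the server offers it. -->
                    <module-option name="java.naming.provider.url" value="ldap://server:389"/>
                    <!-- Service account used for the user and role searches. Give it read-only
                         rights on the two search bases and nothing more. -->
                    <module-option name="bindDN" value="cn=company,cn=test,dc=com,dc=br"/>
                    <!-- Stored in clear text in standalone.xml: restrict read access to the file,
                         keep the real value out of version control, and consider the server's
                         password vault instead of a literal here. -->
                    <module-option name="bindCredential" value="my_ad_pass"/>
                    <!-- Where users are searched, and the filter; {0} is replaced by the login name. -->
                    <module-option name="baseCtxDN" value="cn=test,dc=com,dc=br"/>
                    <module-option name="baseFilter" value="(uid={0})"/>
                    <!-- Where roles are searched and how a role entry is matched and named. -->
                    <module-option name="rolesCtxDN" value="cn=Roles,cn=test,dc=com,dc=br"/>
                    <module-option name="roleFilter" value="(userPrincipalName={0})"/>
                    <module-option name="roleAttributeID" value="name"/>
                    <module-option name="roleNameAttributeID" value="cn"/>
                    <module-option name="roleAttributeIsDN" value="true"/>
                    <!-- Must appear exactly once and be false. With true, a zero-length password is
                         passed to the directory, and many LDAP servers treat a bind with an empty
                         password as an anonymous bind that succeeds, which would log the user in
                         without a password. A second, conflicting entry for the same option makes
                         the effective value depend on parser order, so do not repeat it. -->
                    <module-option name="allowEmptyPasswords" value="false"/>
                    <!-- NOTE(review): the JNDI environment key for referral handling is
                         java.naming.referral; Context.REFERRAL is the name of the Java constant.
                         Confirm the module honours this spelling. If referrals are followed, the
                         bind is repeated against whichever server the referral names, so only
                         enable it for directories you trust. -->
                    <module-option name="Context.REFERRAL" value="follow"/>
                    <!-- Listed once; repeating an option adds nothing and hides which value applies. -->
                    <module-option name="throwValidateError" value="true"/>
                    <module-option name="searchScope" value="SUBTREE_SCOPE"/>
                </login-module>

                <!-- flag="optional": a failure in this module does not fail the login.
                     replaceRole=false adds the mapped roles to the LDAP roles instead of
                     replacing them. NOTE(review): the relative rolesProperties path is
                     presumably resolved from the server's working directory; confirm, and
                     keep the file writable only by the server administrator since it
                     decides which extra roles users receive. -->
                <login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">
                    <module-option name="rolesProperties" value="../standalone/configuration/test-roles.properties"/>
                    <module-option name="replaceRole" value="false"/>
                </login-module>
            </authentication>
        </security-domain>
    </security-domains>
</subsystem>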
