[
https://issues.redhat.com/browse/DROOLS-5528?page=com.atlassian.jira.plug...
]
prabhat kumar commented on DROOLS-5528:
---------------------------------------
Hi Team,
I have configured the kie business central and kie server on WildFly and it is working
fine. But we need to implement LDAP security authentication and have configured the same
in the WildFly standalone-full.xml. I am able to log in to the workbench and perform the
rules-related actions.
But my issue is that the Business Central workbench is unable to register with the kie server
at startup, even though I have created users on the LDAP server with the below roles:-
User:- prabhatA
password:-password
role:- rest-all,admin
User:- prabhatServer
password:-password
role:- kie-server,admin
And I mentioned the credentials in the system properties tag of standalone-full.xml:-
<property name="org.kie.server.controller.user" value="prabhatA"/>
<property name="org.kie.server.controller.password" value="password"/>
<property name="org.kie.server.user" value="prabhatServer"/>
<property name="org.kie.server.pwd" value="password"/>
<property name="org.kie.server.controller" value="http://localhost:8080/business-central/rest/controller"/>
<property name="org.kie.server.location" value="http://localhost:8080/kie-server/services/rest/server"/>
<property name="org.kie.server.id" value="wildfly-kieserver"/>
I also added the LDAP configuration for the login module as below:-
<security-domain name="ldap" cache-type="default">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
      <module-option name="java.naming.provider.url" value="ldap://localhost:10389"/>
      <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
      <module-option name="java.naming.security.authentication" value="simple"/>
      <module-option name="bindDN" value="uid=admin,ou=system"/>
      <module-option name="bindCredential" value="secret"/>
      <module-option name="baseCtxDN" value="ou=pepoleTest,dc=example,dc=com"/>
      <module-option name="baseFilter" value="(uid={0})"/>
      <module-option name="rolesCtxDN" value="ou=ruleTest,dc=example,dc=com"/>
      <module-option name="roleFilter" value="(member={1})"/>
      <module-option name="roleAttributeID" value="cn"/>
      <module-option name="roleAttributeIsDN" value="true"/>
      <module-option name="roleNameAttributeID" value="cn"/>
      <module-option name="roleRecursion" value="2"/>
      <module-option name="searchScope" value="SUBTREE_SCOPE"/>
    </login-module>
  </authentication>
</security-domain>
I have also updated the security domain value in jboss-web.xml of the business central and kie
server wars.
<security-domain>ldap</security-domain>
Note:----
If I create a user on the LDAP server with the below details:-
username =kieserver
password = kieserver1!
role= kie-server
Then both business central and kie server are able to register themselves successfully. But
this approach forces us to create a user on the LDAP server with the above details (kieserver).
Could you please suggest a way so that I don't need to create a user with these details
(userName=kieserver and password=kieserver1!).
Drools business central ldap authentication
-------------------------------------------
Key: DROOLS-5528
URL: https://issues.redhat.com/browse/DROOLS-5528
Project: Drools
Issue Type: Feature Request
Reporter: prabhat kumar
Assignee: Mario Fusco
Priority: Major