[JBoss Portal] - Re: JBoss Portal LDAP Setup
by olivwalt
Hello bdaw,
it works :). Great thx a lot for your help. Here is my setup.
1. Update $JBOSS_HOME\server\default\deploy\jboss-portal.sar\conf\login-config.xml an replace existing <!-- <application-policy name="portal">
| <authentication>
| <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="required">
| <module-option name="unauthenticatedIdentity">guest</module-option>
| <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
| <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
| <module-option name="additionalRole">Authenticated</module-option>
| <module-option name="password-stacking">useFirstPass</module-option>
| </login-module>
| </authentication>
| </application-policy> --> with <application-policy name="portal">
| <authentication>
| <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="sufficient">
| <module-option name="unauthenticatedIdentity">guest</module-option>
| <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
| <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
| <module-option name="additionalRole">Authenticated</module-option>
| <module-option name="password-stacking">useFirstPass</module-option>
| </login-module>
| <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
| <module-option name="java.naming.factory.initial">
| com.sun.jndi.ldap.LdapCtxFactory
| </module-option>
| <module-option name="java.naming.provider.url">
| ldap://bridge6.eu.boschrexroth.com:389/
| </module-option>
| <module-option name="java.naming.security.authentication">
| simple
| </module-option>
| <module-option name="baseCtxDN">ou=People,o=boschrexroth</module-option>
| <module-option name="baseFilter">(uid={0})</module-option>
| <module-option name="rolesCtxDN">ou=Groups,o=boschrexroth</module-option>
| <module-option name="roleFilter">(member={1})</module-option>
| <module-option name="roleAttributeID">member</module-option>
| <module-option name="roleRecursion">-1</module-option>
| <module-option name="roleNameAttributeID">cn</module-option>
| <module-option name="roleAttributeIsDN">true</module-option>
| <module-option name="searchTimeLimit">5000</module-option>
| <module-option name="searchScope">SUBTREE_SCOPE</module-option>
| </login-module>
| </authentication>
| </application-policy>
We use LdapExtLoginModule, due to a hierarchical structure in our LDAP server. As our structure is equal to example1.ldif (http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapExtLoginModule) i set the module-options "roleAttributeIsDN" and "roleNameAttributeID" (in our case "cn").
Add the IdentityLoginModule with flag="sufficient", if you want the existing default admin and user still login.
2. Create a role in LDAP with name "Authenticated" and add all users, which you want to login as members to the role. I`m sure you also can map the security-constraint in portal-server.war\WEB-INF\web.xml, to any other already existing role, but never tested that.
Regards Oliver
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3987962#3987962
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3987962
19Â years, 5Â months
[JBoss jBPM] - Re: Deploy new version of a Process defintion loaded and upd
by kukeltje
the API (JbpmContext) has a method deployProcessDefinition. If you dig into this (the code IS open you know, you will see a getGraphSession().deployProcessDefinition(processDefinition);
and if you go into that, you will see
public void deployProcessDefinition(ProcessDefinition processDefinition) {
| String processDefinitionName = processDefinition.getName();
| // if the process definition has a name (process versioning only applies to named process definitions)
| if (processDefinitionName!=null) {
| // find the current latest process definition
| ProcessDefinition previousLatestVersion = findLatestProcessDefinition(processDefinitionName);
| // if there is a current latest process definition
| if (previousLatestVersion!=null) {
| // take the next version number
| processDefinition.setVersion( previousLatestVersion.getVersion()+1 );
| } else {
| // start from 1
| processDefinition.setVersion(1);
| }
|
| session.save(processDefinition);
|
| } else {
| throw new JbpmException("process definition does not have a name");
| }
| }
So deploying a pd via the api increments the version.
Ahhh wait.... that is not what you meant right.......
you want to make a copy of the pd, change that and deploy it. Remember, this is hibernate etc... just changing the pd and nodes below, changes all nodes currently loaded and will update them..... you have to make a full copy not change the existing loaded pd and deploy it again.....
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3987957#3987957
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3987957
19Â years, 5Â months