[Installation, Configuration & DEPLOYMENT] - Re: Tutorial for setup of Authentication in JBoss?
by PeterJ
Here are a few things to try.
1) Set roleAttributeIsDN to false. Looking at the code it appears that if this is false then the role is assumed to be the attribute's value (that is, the value of userClass in your example).
Also, set TRACE logging for the "org.jboss.security.auth.spi" package - once the LDAP login module gathers all of the necessary info to lookup the role it prints the info to the log if TRACE is set. It also prints out information about what it finds.
2) The LdapExtLoginModule has a defaultRole option that might do what you want; it appears to assign a role to all logged in users. You would have to change the config to look something like this:
<application-policy name="ldapLogin">
| <authentication>
| <login-module flag="required" code="org.jboss.security.auth.spi.LdapExtLoginModule">
| <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
| <module-option name="java.naming.provider.url">ldap://ldap.my.com:389/</module-option>
| <module-option name="java.naming.security.authentication">simple</module-option>
| <module-option name="bindDN">--account with ldap access--</module-option>
| <module-option name="bindCredential">--password for that account--</module-option>
| <module-option name="baseCtxDN">ou=people,o=my.com</module-option>
| <module-option name="baseFilter">(uid={0})</module-option>
| <module-option name="defaultRole">xxx</module-option>
| </login-module>
| </authentication>
| </application-policy>
Unfortunately the LdapExtLoginModule does not provide that much information when logging is set to TRACE.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4241773#4241773
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4241773
16 years, 9 months
[Installation, Configuration & DEPLOYMENT] - Several applications running in the same instance
by chkiron
Hello!
One of my current taks is suggesting the best scenario for my customer's JBoss infra-structure.
My company is building 3 different applications (3 .WARs). Today, they use the same libs version (spring, hibernate, rich-faces, etc).
My client' IT staff wants to put these 3 applications and any others they have or are building in the same JBoss instance.
I am trying to change this, but I am lacking arguments.
So, I am looking for sources (documents, articles, blogs, etc) that can help me in developing a deeper understanding of this scenario. I need to know the pros and cons of this approach as well as suggest alternative ones.
Finally, my question: does anyone here know where can I find this kind of information? I am googling since yesterday to no avail.
Kind regards,
Thanks in advance
Chkiron
PS: I searched JBoss forum trying to figure where ask this question - i hope I got it right. If I am wrong, could you please tell me where to post this question? It is really important to me, but I am having troubles in finding a good source for this specific question.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4241757#4241757
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4241757
16 years, 9 months