From portal-commits at lists.jboss.org Sat Mar  3 11:38:30 2007
Content-Type: multipart/mixed; boundary="===============8445738188563838147=="
MIME-Version: 1.0
From: portal-commits at lists.jboss.org
To: portal-commits at lists.jboss.org
Subject: [portal-commits] JBoss Portal SVN: r6500 -
 docs/trunk/referenceGuide/en/modules.
Date: Sat, 03 Mar 2007 11:38:30 -0500
Message-ID: <E1HNXFe-000051-Mc@committer01.frg.pub.inap.atl.jboss.com>

--===============8445738188563838147==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Author: bdaw
Date: 2007-03-03 11:38:30 -0500 (Sat, 03 Mar 2007)
New Revision: 6500

Added:
   docs/trunk/referenceGuide/en/modules/ldap.xml
Log:
ldap chapter in reference guide

Added: docs/trunk/referenceGuide/en/modules/ldap.xml
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- docs/trunk/referenceGuide/en/modules/ldap.xml	                        (=
rev 0)
+++ docs/trunk/referenceGuide/en/modules/ldap.xml	2007-03-03 16:38:30 UTC (=
rev 6500)
@@ -0,0 +1,159 @@
+<chapter id=3D"ldap">
+   <chapterinfo>
+      <author>
+         <firstname>Boleslaw</firstname>
+         <surname>Dawidowicz</surname>
+         <email>boleslaw.dawidowicz at jboss dot com</email>
+      </author>
+   </chapterinfo>
+   <title>LDAP</title>
+   <para>This chapter describes how to setup LDAP support in JBoss Portal<=
/para>
+   <sect1>
+      <title>How to enable LDAP usage in JBoss Portal</title>
+      <para>We'll describe here the simple steps that you'll need to enabl=
e LDAP support in JBoss Portal.
+         For additional information you need to study more about configura=
tion of identity and specific implementations of identity modules</para>
+      <para>There are two ways to achieve this:</para>
+      <itemizedlist>
+         <listitem>
+            <para>In
+               <emphasis role=3D"bold">jboss-porta.sar/META-INF/jboss-serv=
ice.xml</emphasis>
+               in section:
+            </para>
+            <programlisting><![CDATA[
+<mbean
+   code=3D"org.jboss.portal.identity.IdentityServiceControllerImpl"
+   name=3D"portal:service=3DModule,type=3DIdentityServiceController"
+   xmbean-dd=3D""
+   xmbean-code=3D"org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+   <xmbean/>
+   <depends>portal:service=3DHibernate</depends>
+   <!--<depends>jboss.jca:service=3DDataSourceBinding,name=3D@portal.datas=
ource.name@</depends>-->
+   <attribute name=3D"JndiName">java:/portal/IdentityServiceController</at=
tribute>
+   <attribute name=3D"RegisterMBeans">true</attribute>
+   <attribute name=3D"ConfigFile">conf/identity/identity-config.xml</attri=
bute>
+   <attribute name=3D"DefaultConfigFile">conf/identity/standardidentity-co=
nfig.xml</attribute>
+</mbean>]]></programlisting>
+            <para>
+               change
+               <emphasis role=3D"bold">identity-config.xml</emphasis>
+               to
+               <emphasis role=3D"bold">ldap_identity-config.xml</emphasis>
+            </para>
+         </listitem>
+         <listitem>
+            <para>Swap the names or content of files in
+               <emphasis role=3D"bold">jboss-porta.sar/conf/identity/ident=
ity-config.xml</emphasis>
+               and
+               <emphasis role=3D"bold">jboss-porta.sar/conf/identity/ldap_=
identity-config.xml</emphasis>
+
+            </para>
+         </listitem>
+      </itemizedlist>
+      <para>
+         After doing one of above changes you need to edit configuration f=
ile that you choose to
+         use (identity-config.xml or ldap_identity-config.xml) and configu=
re LDAP connection options in section:
+      </para>
+      <programlisting><![CDATA[
+<datasource>
+   <name>LDAP</name>
+   <config>
+      <option>
+         <name>host</name>
+         <value>jboss.com</value>
+      </option>
+      <option>
+         <name>port</name>
+         <value>10389</value>
+      </option>
+      <option>
+         <name>adminDN</name>
+         <value>cn=3DDirectory Manager</value>
+      </option>
+      <option>
+         <name>adminPassword</name>
+         <value>qpq123qpq</value>
+      </option>
+   </config>
+</datasource>]]></programlisting>
+      <para>
+         You also need to specify options for your LDAP tree (described in=
 configuration documentation) like those:
+      </para>
+      <programlisting><![CDATA[
+<option-group>
+   <group-name>common</group-name>
+   <option>
+      <name>userCtxDN</name>
+      <value>ou=3DPeople,dc=3Dportal26,dc=3Djboss,dc=3Dcom</value>
+   </option>
+   <option>
+      <name>roleCtxDN</name>
+      <value>ou=3DRoles,dc=3Dportal26,dc=3Djboss,dc=3Dcom</value>
+   </option>
+</option-group>]]></programlisting>
+
+      <note>
+         Under <emphasis role=3D"bold">PORTAL_SOURCES/identity/src/resourc=
es/example/</emphasis> you can find a sample ldif that
+         you can use to populate LDAP server and quickly start playing wit=
h it.
+      </note>
+
+   </sect1>
+   <sect1>
+      <title>Configuration of LDAP connection</title>
+      <sect2>
+         <title>SSL</title>
+         <para>The setup is very similar to the one described in LdapLogin=
Module <ulink url=3D"http://www.jboss.org/wiki/Wiki.jsp?page=3DLdapLoginMod=
ule">wiki page</ulink></para>
+         <para>You need to modify your identity configuration file and add=
 "protocol"</para>
+         <programlisting><![CDATA[
+<datasource>
+   <name>LDAP</name>
+   <config>
+      ...
+      <option>
+         <name>protocol</name>
+         <value>ssl</value>
+      </option>
+      ...
+   </config>
+</datasource>]]></programlisting>
+         <para>
+            Then you need to have LDAP server certificate imported into yo=
ur keystore. You can use following command:
+            <programlisting>keytool -import -file ldapcert.der -keystore l=
dap.truststore</programlisting>
+         </para>
+         <para>
+            Now you need to change the settings to use the alternative tru=
ststore. That can be done in the properties-service.xml in deploy directory:
+            <programlisting><![CDATA[
+<attribute name=3D"Properties">
+   javax.net.ssl.trustStore=3D../some/path/to/ldap.truststore
+   javax.net.ssl.trustStorePassword=3Dsomepw
+</attribute>]]></programlisting>
+         </para>
+      </sect2>
+      <sect2>
+         <title>ExternalContext</title>
+         <para>Instead of configuring your own connection you can use JNDI=
 context federation mechanism in JBoss Application Server. Configuration of
+            ExternalContext is described in <ulink url=3D"http://docs.jbos=
s.com/jbossas/guides/j2eeguide/r2/en/html_single/#d0e6877">JBoss Applicatio=
n Server documentation</ulink></para>
+         <para>When you have ExternalContext configured you can use it in =
JBoss Portal by providing proper JNDI name in the configuration:
+            <programlisting><![CDATA[
+<datasource>
+   <name>LDAP</name>
+   <config>
+      <option>
+         <name>externalContextJndiName</name>
+         <value>external/ldap/jboss</value>
+      </option>
+   </config>
+</datasource>]]></programlisting>
+            <note>When using "externalContextJndiName" you don't need to s=
pecify any other option for this datasource</note>
+         </para>
+      </sect2>
+   </sect1>
+   <sect1>
+       <title>Place holder 2</title>
+       <para>TODO:</para>
+   </sect1>
+   <sect1>
+       <title>Place holder 3</title>
+       <para>TODO:</para>
+   </sect1>
+
+</chapter>


--===============8445738188563838147==--