[jboss-dev-forums] [Design of Security on JBoss] - Re: SSO LdapLoginProvider activates an identity based on the
aamonten
do-not-reply at jboss.com
Mon Apr 7 01:05:35 EDT 2008
Hi,
I just added a new Identity Provider to the trunk, which allows you to define which entry attribute should be used to verify the activation. You can download it here.
It's an extension of the LDAPIdentityProvider that should be configured like this:
    <provider id="si:jboss-sso:ldapactivation:login" class="org.jboss.security.idm.ldap.ActivationLDAPIdentityProvider">
        <property name="connectionURL">
            jdbc:ldap://localhost:1389/dc=foo,dc=bar?SEARCH_SCOPE:=subTreeScope&amp;secure:=false&amp;concat_atts:=true&amp;size_limit:=10000000
        </property>
        <property name="username">cn=admin</property>
        <property name="password">password</property>
        <property name="identityOu">People</property>
        <property name="roleOu">roles</property>
        <property name="activation">carLicense</property>
    </provider>
You can set any of the valid attributes of an InetOrgPerson schema in the activation property, which would be used to validate the activation.
If none is set, it would set the Identity as active.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4141940#4141940