[jboss-dev-forums] [JBoss AS 7 Development] - Re: Ldap configuration

Moises Jardim Pinheiro do-not-reply at jboss.com
Thu Jul 25 11:09:36 EDT 2013


Moises Jardim Pinheiro [https://community.jboss.org/people/jardimpinheiro] created the discussion

"Re: Ldap configuration"

To view the discussion, visit: https://community.jboss.org/message/829793#829793

--------------------------------------------------------------
I achieved it :-)

This article was helpful: http://middlewaremagic.com/jboss/?p=378

The JBoss version tested was jboss-as-7.1.1.Final

In web.xml I put * in the role-name tag to grant access to all groups.

<security-role>
    <role-name>*</role-name>
</security-role>

And in the auth-method tag I put BASIC (user/pass from the browser's window) instead of FORM.

<login-config>
    <auth-method>BASIC</auth-method>
</login-config>

In standalone.xml

<subsystem xmlns="urn:jboss:domain:security:1.1">
    <security-domains>
        <security-domain name="other" cache-type="default">
            <authentication>
                <login-module code="Disabled" flag="required"/>
            </authentication>
        </security-domain>
        <security-domain name="test_ldap_security_domain">
            <authentication>
                <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
                    <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
                    <module-option name="java.naming.provider.url" value="ldap://server:389"/>
                    <!-- Account and password used to bind before searching for the user -->
                    <module-option name="bindDN" value="cn=company,cn=test,dc=com,dc=br"/>
                    <module-option name="bindCredential" value="my_ad_pass"/>
                    <module-option name="baseCtxDN" value="cn=test,dc=com,dc=br"/>
                    <module-option name="baseFilter" value="(uid={0})"/>
                    <module-option name="rolesCtxDN" value="cn=Roles,cn=test,dc=com,dc=br"/>
                    <module-option name="roleFilter" value="(userPrincipalName={0})"/>
                    <module-option name="roleAttributeID" value="name"/>
                    <module-option name="roleNameAttributeID" value="cn"/>
                    <module-option name="roleAttributeIsDN" value="true"/>
                    <!-- Reject empty passwords: some LDAP servers treat an empty password as an anonymous bind -->
                    <module-option name="allowEmptyPasswords" value="false"/>
                    <module-option name="Context.REFERRAL" value="follow"/>
                    <module-option name="throwValidateError" value="true"/>
                    <module-option name="searchScope" value="SUBTREE_SCOPE"/>
                </login-module>
                <login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">
                    <module-option name="rolesProperties" value="../standalone/configuration/test-roles.properties"/>
                    <module-option name="replaceRole" value="false"/>
                </login-module>
            </authentication>
        </security-domain>
    </security-domains>
</subsystem>
--------------------------------------------------------------
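
An added example, not part of the original post or of JBoss itself: a small Python check that reads a security subsystem like the one above and flags the settings a reviewer would look at first (conflicting duplicate options, empty-password handling, ldap:// transport, clear-text bindCredential). The sample XML is constructed from the post, and the `${VAULT::...}` prefix test is an assumption about how vaulted values are written.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample: a trimmed copy of the security domain from the post.
SAMPLE = """
<subsystem xmlns="urn:jboss:domain:security:1.1">
  <security-domain name="test_ldap_security_domain">
    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
      <module-option name="java.naming.provider.url" value="ldap://server:389"/>
      <module-option name="bindCredential" value="my_ad_pass"/>
      <module-option name="allowEmptyPasswords" value="false"/>
      <module-option name="allowEmptyPasswords" value="true"/>
    </login-module>
  </security-domain>
</subsystem>
"""

def local(tag):
    # Drop the namespace so any security subsystem schema version matches.
    return tag.rsplit("}", 1)[-1]

def audit_ldap_modules(xml_text):
    """Return sorted (security-domain, finding) pairs for LdapExtLoginModule entries."""
    findings = set()
    for domain in ET.fromstring(xml_text).iter():
        if local(domain.tag) != "security-domain":
            continue
        name = domain.get("name")
        for mod in domain.iter():
            if local(mod.tag) != "login-module" or not mod.get("code", "").endswith("LdapExtLoginModule"):
                continue
            opts = defaultdict(list)
            for o in mod:
                if local(o.tag) == "module-option":
                    opts[o.get("name")].append(o.get("value", ""))
            for key, values in opts.items():
                if len(set(values)) > 1:
                    findings.add((name, f"conflicting values for {key}: {values}"))
            # Require one explicit "false" instead of relying on defaults or option order.
            if opts.get("allowEmptyPasswords") != ["false"]:
                findings.add((name, "empty passwords are not unambiguously rejected"))
            if any(v.lower().startswith("ldap://") for v in opts.get("java.naming.provider.url", [])):
                findings.add((name, "provider URL is ldap://, not ldaps://"))
            # Assumption: vaulted secrets use the ${VAULT::...} reference form.
            if any(not v.startswith("${VAULT::") for v in opts.get("bindCredential", [])):
                findings.add((name, "bindCredential is stored in clear text"))
    return sorted(findings)

if __name__ == "__main__":
    print(*audit_ldap_modules(SAMPLE), sep="\n")
```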
