[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: Tutorial for setup of Authentication in JBoss?
dickson1888
do-not-reply at jboss.com
Sun May 24 22:57:03 EDT 2009
I get 403 error when test the ldap auth. It seems that the password authentication is ok because no error is in the server.log. Therefore, it means something is wrong in role authentication.
As my ldap server does not have role design and information, I want to use the same tree (class) for the role authentication. For example, the one attribute of "userclass" or "department" will be used for role authentication. Please help to point out how to config my ldap authentication. My setting is as the following:
<application-policy name = "testLdapExample1">
<login-module code="org.jboss.security.auth.spi.LdapLoginModule"
flag="required">
<module-option name="java.naming.factory.initial">
com.sun.jndi.ldap.LdapCtxFactory
</module-option>
<module-option name="java.naming.provider.url">
ldap://ldap.my.com/
</module-option>
<module-option name="java.naming.security.authentication">
simple
</module-option>
<module-option name="principalDNPrefix">uid=</module-option>
<module-option name="principalDNSuffix">,ou=People,o=my.com</module-option>
<module-option name="rolesCtxDN">,ou=People,o=my.com</module-option>
<module-option name="uidAttributeID">uid</module-option>
<module-option name="matchOnUserDN">true</module-option>
<module-option name="roleAttributeID">uid</module-option>
<module-option name="roleAttributeIsDN">false</module-option>
<module-option name="searchTimeLimit">5000</module-option>
<module-option name="searchScope">ONELEVEL_SCOPE</module-option>
</login-module>
</application-policy>
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4232926#4232926
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4232926
More information about the jboss-user
mailing list