-
1. Re: Where to configure my LDAP auth code? and Folder Structure of AS7 compare with JBoss 5
jaysensharma Jun 18, 2012 6:56 AM (in response to kamalsuriya)Hi Kamal,
This link might be helpful: http://middlewaremagic.com/jboss/?p=378 You can use Admin-Console or the CLI in order to configure the same LDAP Security Domain...as following:
<subsystem xmlns="urn:jboss:domain:security:1.1">
.
.
.
<security-domain name="test_ldap_security_domain">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url" value="ldap://10.10.10.10:389"/>
<module-option name="bindDN" value="cn=abc,cn=Users,dc=mydomain,dc=com"/>
<module-option name="bindCredential" value="Test@123"/>
<module-option name="baseCtxDN" value="cn=Users,dc=mydomain,dc=com"/>
<module-option name="baseFilter" value="(userPrincipalName={0})"/>
<module-option name="rolesCtxDN" value="cn=Users,dc=mydomain,dc=com"/>
<module-option name="roleFilter" value="(userPrincipalName={0})"/>
<module-option name="roleAttributeID" value="memberOf"/>
<module-option name="roleNameAttributeID" value="cn"/>
<module-option name="roleAttributeIsDN" value="true"/>
<module-option name="allowEmptyPasswords" value="false"/>
<module-option name="Context.REFERRAL" value="follow"/>
<module-option name="throwValidateError" value="true"/> <!-- This attribute helps us in trouble shooting the Ldap auth -->
<module-option name="searchScope" value="SUBTREE_SCOPE"/>
<module-option name="allowEmptyPasswords" value="true"/>
</login-module>
<login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">
<module-option name="rolesProperties" value="/home/userone/jboss-as-7.1.1.Final/standalone/configuration/test-roles.properties"/>
<module-option name="replaceRole" value="false"/>
</login-module>
</authentication>
</security-domain>
.
.
.
</security-domains>
</subsystem>
To configure security-domain using CLI script in JBossAS7 you can also try the following link with small modifications: http://middlewaremagic.com/jboss/?p=2049 (How to create security-domain in JBossAS7 using CLI)