...
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
<?xml version="1.0" encoding="UTF-8"?>
<!--
Geronimo deployment plan for an LDAP-backed security realm named "ldap-realm".
It declares three GBeans: a LoginModuleGBean that configures LDAPLoginModule,
a GenericSecurityRealm that exposes the realm, and a JaasLoginModuleUse that
attaches the login module to the realm with control flag REQUIRED.
-->
<module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.1">
<!-- Module identity and dependencies. groupName / artifactName / 1.0 look like
sample values to be replaced with your own (assumption; confirm). -->
<environment>
<moduleId>
<groupId>groupName</groupId>
<artifactId>artifactName</artifactId>
<version>1.0</version>
</moduleId>
<dependencies>
<!-- The plan depends on the geronimo/j2ee-security/1.1/car configuration. -->
<dependency>
<groupId>geronimo</groupId>
<artifactId>j2ee-security</artifactId>
<version>1.1</version>
<type>car</type>
</dependency>
</dependencies>
</environment>
<!-- Login module definition: names the LDAPLoginModule class, marks it as
server-side, and carries the directory connection and search settings. -->
<gbean name="ldap-login"
class="org.apache.geronimo.security.jaas.LoginModuleGBean">
<attribute name="loginModuleClass">org.apache.geronimo.security.realm.providers.LDAPLoginModule</attribute>
<attribute name="serverSide">true</attribute>
<!--
Security review notes for the options below (one key=value pair per line):

* connectionURL uses the ldap:// scheme, authentication is "simple" and
  connectionProtocol is left empty. A simple bind over plain ldap:// carries
  the bind DN and password unencrypted. That is confined to the loopback
  interface here (localhost:1389); for a directory on another host, use an
  encrypted connection. NOTE(review): the exact connectionURL and
  connectionProtocol values for TLS depend on the directory and JNDI provider;
  confirm before changing them.

* connectionUsername / connectionPassword are stored in this plan as plain
  text, and the bind DN is an admin entry (uid=admin,ou=system) with what
  looks like a sample password. For anything beyond a local test, bind with a
  dedicated account limited to read access on userBase and roleBase, replace
  the password, restrict read permission on this file, and keep the real
  value out of version control.

* userSearchMatching and roleSearchMatching contain the {0} placeholder;
  presumably the login name (user search) and the user entry (role search)
  are substituted there at login time. Verify against the LDAPLoginModule
  documentation for your Geronimo version.

* userSearchSubtree and roleSearchSubtree are false, so searches are not
  recursive below userBase / roleBase (assumption from the option names;
  confirm).
-->
<attribute name="options">
initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
connectionURL=ldap://localhost:1389
connectionUsername=uid=admin,ou=system
connectionPassword=secret
connectionProtocol=
authentication=simple
userBase=ou=users,ou=system
userSearchMatching=uid={0}
userSearchSubtree=false
roleBase=ou=groups,ou=system
roleName=cn
roleSearchMatching=(uniqueMember={0})
roleSearchSubtree=false
userRoleName=
</attribute>
<attribute name="loginDomainName">ldap-realm</attribute>
</gbean>
<!-- The realm itself. realmName is the name applications refer to; the three
references are resolved by GBean name. ServerInfo and JaasLoginService are not
defined in this plan; presumably they come from the server or the
j2ee-security dependency (confirm). -->
<gbean name="ldap-realm" class="org.apache.geronimo.security.realm.GenericSecurityRealm">
<attribute name="realmName">ldap-realm</attribute>
<reference name="LoginModuleConfiguration">
<name>ldap-login</name>
</reference>
<reference name="ServerInfo">
<name>ServerInfo</name>
</reference>
<reference name="LoginService">
<name>JaasLoginService</name>
</reference>
</gbean>
<!-- Attaches the login module to the realm. controlFlag REQUIRED is the JAAS
flag under which this module must succeed for authentication to succeed.
NOTE(review): this GBean reuses the name "ldap-login" already given to the
LoginModuleGBean above and differs only by class. Confirm that the deployer
tells the two apart, and which of them each name reference resolves to. -->
<gbean name="ldap-login" class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
<attribute name="controlFlag">REQUIRED</attribute>
<reference name="LoginModule">
<name>ldap-login</name>
</reference>
</gbean>
</module>
|
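To deploy ldap-realm.xml, run the following command from the <geronimo_home>/bin directory:
java -jar deployer.jar --user system --password manager deploy <ldap_home>/<filename>.xml
The system/manager pair used here is the default Geronimo administrator account; on a server that others can reach, change that password first, and keep in mind that a password given on the command line is recorded in shell history and is visible in process listings.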
Once deployed you should see a confirmation message similar to the following example:
No Format bgColor #000000 borderStyle solid
E:\geronimo\bin>java -jar deployer.jar --user system --password manager deploy e:/ldap-jetty/ldap-realm.xml
Deployed <groupName>/<artifactName>/<version>/car
LDAPLoginModule Options
Info |
---|
Tip: The key to working with the LDAP module is: KNOW YOUR LDAP SCHEMA. |
...