
LDAP Deployment Descriptor XML Example
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Geronimo deployment plan that declares three GBeans: an LDAP login module
  (ldap-login), a security realm (ldap-realm) that refers to it, and a
  JaasLoginModuleUse entry that sets the control flag for that login module.
-->
<module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.1">
	<environment>
		<!-- groupName, artifactName and 1.0 are placeholder coordinates for this plan. -->
		<moduleId>
			<groupId>groupName</groupId>
			<artifactId>artifactName</artifactId>
			<version>1.0</version>
		</moduleId>
		<!-- The plan depends on the geronimo/j2ee-security/1.1/car configuration. -->
		<dependencies>
			<dependency>
				<groupId>geronimo</groupId>
				<artifactId>j2ee-security</artifactId>
				<version>1.1</version>
				<type>car</type>
			</dependency>
		</dependencies>
	</environment>
	
	<!--
	  Login module configuration. The "options" element holds one key=value
	  pair per line for LDAPLoginModule, so no comments are placed inside it.
	  Security review points for the sample values:
	  * connectionURL uses the ldap:// scheme with authentication=simple and an
	    empty connectionProtocol, so the bind DN, its password and each user's
	    password travel to the directory without transport encryption.
	    NOTE(review): confirm which protected transport (for example an
	    ldaps:// URL) this LDAPLoginModule version supports before using the
	    plan against anything other than localhost.
	  * connectionPassword is stored in clear text in this file; restrict read
	    access to the plan and replace the sample value "secret".
	  * connectionUsername is uid=admin,ou=system. NOTE(review): this looks
	    like a directory administrator entry; a dedicated read-only bind
	    account would limit exposure if the plan is disclosed. Confirm against
	    your directory.
	  * userBase/userSearchMatching and roleBase/roleSearchMatching must match
	    the layout of the target directory; both subtree searches are off here.
	-->
	<gbean name="ldap-login"
		class="org.apache.geronimo.security.jaas.LoginModuleGBean">
		<attribute name="loginModuleClass">org.apache.geronimo.security.realm.providers.LDAPLoginModule</attribute>
		<attribute name="serverSide">true</attribute>
		<attribute name="options">
			initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
                        connectionURL=ldap://localhost:1389
                        connectionUsername=uid=admin,ou=system
                        connectionPassword=secret
                        connectionProtocol=
                        authentication=simple
                        userBase=ou=users,ou=system
                        userSearchMatching=uid={0}
                        userSearchSubtree=false
                        roleBase=ou=groups,ou=system
                        roleName=cn
                        roleSearchMatching=(uniqueMember={0})
                        roleSearchSubtree=false
                        userRoleName=
		</attribute>
		<attribute name="loginDomainName">ldap-realm</attribute>
	</gbean>
	
	<!--
	  Security realm named ldap-realm. It refers to the ldap-login login module
	  configuration and to the ServerInfo and JaasLoginService GBeans by name.
	-->
	<gbean name="ldap-realm" class="org.apache.geronimo.security.realm.GenericSecurityRealm">
		<attribute name="realmName">ldap-realm</attribute>
		<reference name="LoginModuleConfiguration">
			<name>ldap-login</name>
		</reference>
		<reference name="ServerInfo">
			<name>ServerInfo</name>
		</reference>
		
		<reference name="LoginService">
			<name>JaasLoginService</name>
		</reference>
	</gbean>
	
	<!--
	  Marks the ldap-login login module as REQUIRED for the realm.
	  NOTE(review): this GBean has the same name attribute as the
	  LoginModuleGBean above; presumably the two are told apart by their class
	  or type. Confirm against the Geronimo version in use.
	-->
	<gbean name="ldap-login" class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
		<attribute name="controlFlag">REQUIRED</attribute>
		<reference name="LoginModule">
			<name>ldap-login</name>
		</reference>
	</gbean>
</module>

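To deploy ldap-realm.xml, run the following command from the <geronimo_home>/bin directory. The system/manager pair shown is Geronimo's default administrator account, and a password passed with --password is visible in the shell history and the process list, so use a changed password outside a test installation: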

java -jar deployer.jar --user system --password manager deploy <ldap_home>/<filename>.xml

Once deployed you should see a confirmation message similar to the following example:


E:\geronimo\bin>java -jar deployer.jar --user system --password manager deploy e:/ldap-jetty/ldap-realm.xml
Deployed <groupName>/<artifactName>/<version>/car

LDAPLoginModule Options


Tip: The key to working with the LDAP module is: KNOW YOUR LDAP SCHEMA.

...