Posted to jetspeed-dev@portals.apache.org by "JamesLiao (JIRA)" <je...@portals.apache.org> on 2005/05/29 03:46:53 UTC

[jira] Updated: (JS2-188) Implement the LDAP

     [ http://issues.apache.org/jira/browse/JS2-188?page=all ]

JamesLiao updated JS2-188:
--------------------------

    Attachment: assembly.zip

The current LDAP module is OK, but there are some errors here.
The following are the details to make it work.
1. Replace the last bean definition named placeholderConfig in jetspeed-spring.xml with the following:
   <!-- Adds jetspeed.properties as our configuration object to support ${...} vars -->
   <!-- ${applicationRoot} is actually set as a system property via the SpringEngine -->

   <bean id="placeholderConfig"
       class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
     <property name="locations">
	<list>
	   <value>file:///${applicationRoot}/WEB-INF/conf/jetspeed.properties</value>
	   <value>file:///${applicationRoot}/WEB-INF/conf/ldap.properties</value>
	</list>
     </property>
   </bean>

2. Add a bean definition into security-providers.xml
   <bean id="org.apache.jetspeed.security.LdapAuthenticationProvider" 
  	   class="org.apache.jetspeed.security.impl.AuthenticationProviderImpl"
   >  	   
      <constructor-arg index="0"><value>LdapAuthenticator</value></constructor-arg>
      <constructor-arg index="1"><value>The ldap authenticator</value></constructor-arg>
      <constructor-arg index="2"><value>login.conf</value></constructor-arg>
      <constructor-arg index="3"><ref bean="org.apache.jetspeed.security.spi.LdapCredentialHandler"/></constructor-arg>
      <constructor-arg index="4"><ref bean="org.apache.jetspeed.security.spi.LdapUserSecurityHandler"/></constructor-arg>
  </bean>

3. Add the above reference bean into bean org.apache.jetspeed.security.AuthenticationProviderProxy
   <!-- Security: Authentication Provider Proxy -->
  <bean id="org.apache.jetspeed.security.AuthenticationProviderProxy" 
  	   class="org.apache.jetspeed.security.impl.AuthenticationProviderProxyImpl"
  >  	   
     <constructor-arg >
       <list>
  	  <ref bean="org.apache.jetspeed.security.AuthenticationProvider"/>
	  <ref bean="org.apache.jetspeed.security.LdapAuthenticationProvider"/>
       </list>
     </constructor-arg>
     <constructor-arg ><value>DefaultAuthenticator</value></constructor-arg>
  </bean>

4. Change the file security-spi-ldap-atn.xml as follows:
   <beans>

  <!-- ************** Security SPI Handlers ************** -->
  <!-- Security SPI: LdapUserCredentialDao -->
  <bean id="org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDao" 
       class="org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDaoImpl"
  >       
       <constructor-arg index="0"><value>${org.apache.jetspeed.ldap.ldapServerName}</value></constructor-arg>       
       <constructor-arg index="1"><value>${org.apache.jetspeed.ldap.rootDn}</value></constructor-arg>       
       <constructor-arg index="2"><value>${org.apache.jetspeed.ldap.rootPassword}</value></constructor-arg>
       <constructor-arg index="3"><value>${org.apache.jetspeed.ldap.rootContext}</value></constructor-arg>  
       <constructor-arg index="4"><value>${org.apache.jetspeed.ldap.defaultDnSuffix}</value></constructor-arg>        
  </bean>
  
  <!-- Security SPI: CredentialHandler -->
  <bean id="org.apache.jetspeed.security.spi.LdapCredentialHandler" 
       class="org.apache.jetspeed.security.spi.impl.LdapCredentialHandler"
  >       
       <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDao"/></constructor-arg>    
  </bean>
  
  <!-- Security SPI: UserSecurityHandler -->
  <bean id="org.apache.jetspeed.security.spi.LdapUserSecurityHandler" 
  	   class="org.apache.jetspeed.security.spi.impl.LdapUserSecurityHandler"
  >  	   
  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao"/></constructor-arg> 	   
  </bean>

  <!-- Security SPI: LdapPrincipalDao -->
  <bean id="org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao" 
  	   class="org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDaoImpl"
  >  	   
  	   <constructor-arg index="0"><value>${org.apache.jetspeed.ldap.ldapServerName}</value></constructor-arg>       
       <constructor-arg index="1"><value>${org.apache.jetspeed.ldap.rootDn}</value></constructor-arg>       
       <constructor-arg index="2"><value>${org.apache.jetspeed.ldap.rootPassword}</value></constructor-arg>
       <constructor-arg index="3"><value>${org.apache.jetspeed.ldap.rootContext}</value></constructor-arg>  
       <constructor-arg index="4"><value>${org.apache.jetspeed.ldap.defaultDnSuffix}</value></constructor-arg> 	   
  </bean>
</beans>

Notes:
1. The above steps enable multiple authentication providers (the default database and a customer's LDAP), so you cannot
remove the original security-spi-atn.xml.

2. The LDAP entries which can be identified by J2 have many constraints, like objectClass must be jetspeed-2-user
or jetspeed-2-group. I am thinking about whether we can make them all configurable through Spring bean definitions.

You can check all my configuration files in the attachments.

> Implement the LDAP
> ------------------
>
>          Key: JS2-188
>          URL: http://issues.apache.org/jira/browse/JS2-188
>      Project: Jetspeed 2
>         Type: Improvement
>   Components: Security
>     Reporter: J, Edgar Zavala
>  Attachments: assembly.zip, jetspeed-2-ldap-authentication.tar.gz
>
> Implement the LDAP integration using the SPI, provide the LDAP authentication option.
> TODO:
> 1.- Complete the current implementation and complete David's work in:
>    a) org.apache.jetspeed.security.spi.impl.LdapCredentialHandler
>    b) org.apache.jetspeed.security.spi.impl.LdapUserSecurityHandler

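The steps in the message above make every `${org.apache.jetspeed.ldap.*}` placeholder depend on ldap.properties being listed in placeholderConfig and defining each key. The following check is an added example, not part of the original message or of Jetspeed: it lists placeholders that have no matching property and the keys that keep a credential in clear text. The XML excerpt reuses one bean from step 4; every property value is constructed, and rootContext is left out on purpose.

```python
import re
import xml.etree.ElementTree as ET

PLACEHOLDER = re.compile(r"\$\{([^}]+)\}")

# Constructed excerpt of security-spi-ldap-atn.xml (bean id and keys as in step 4).
BEANS_XML = """<beans>
  <bean id="org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDao"
        class="org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDaoImpl">
    <constructor-arg index="0"><value>${org.apache.jetspeed.ldap.ldapServerName}</value></constructor-arg>
    <constructor-arg index="1"><value>${org.apache.jetspeed.ldap.rootDn}</value></constructor-arg>
    <constructor-arg index="2"><value>${org.apache.jetspeed.ldap.rootPassword}</value></constructor-arg>
    <constructor-arg index="3"><value>${org.apache.jetspeed.ldap.rootContext}</value></constructor-arg>
    <constructor-arg index="4"><value>${org.apache.jetspeed.ldap.defaultDnSuffix}</value></constructor-arg>
  </bean>
</beans>"""

# Constructed ldap.properties: all values are made up, rootContext is missing on purpose.
LDAP_PROPERTIES = """\
# constructed sample values
org.apache.jetspeed.ldap.ldapServerName=ldap.example.test
org.apache.jetspeed.ldap.rootDn=cn=admin,dc=example,dc=test
org.apache.jetspeed.ldap.rootPassword=CHANGE_ME
org.apache.jetspeed.ldap.defaultDnSuffix=dc=example,dc=test
"""

def parse_properties(text):
    """Minimal .properties reader: key=value or key:value; '#' and '!' start comments."""
    pairs = (re.match(r"\s*([^#!=:\s][^=:\s]*)\s*[=:]\s*(.*)", ln) for ln in text.splitlines())
    return {m.group(1): m.group(2).strip() for m in pairs if m}

def unresolved_placeholders(beans_xml, props):
    """Return sorted (bean id, key) pairs whose ${key} has no entry in props."""
    missing = set()
    for bean in ET.fromstring(beans_xml).iter("bean"):
        for value in bean.iter("value"):
            for key in PLACEHOLDER.findall(value.text or ""):
                if key not in props:
                    missing.add((bean.get("id"), key))
    return sorted(missing)

def plaintext_secrets(props):
    """Keys that hold a non-empty credential in clear text, e.g. rootPassword."""
    return sorted(k for k, v in props.items() if "password" in k.lower() and v)

if __name__ == "__main__":
    props = parse_properties(LDAP_PROPERTIES)
    print("unresolved:", unresolved_placeholders(BEANS_XML, props))
    print("secrets in clear text:", plaintext_secrets(props))
```

Any key reported by `plaintext_secrets` means ldap.properties holds the directory bind password, so read access to that file should be limited to the account running the portal.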