Hi all,
Good news! Finally, with trial and error to set different parameter, I can use
LdapLoginModule to work fine now.
Now I try to figure out the alternate setting for Ldap login.
share with our ok config:
--------------------------------------------------------------------------------------
<login-module code="org.jboss.security.auth.spi.LdapLoginModule"
flag="required">
<module-option name="java.naming.factory.initial">
com.sun.jndi.ldap.LdapCtxFactory
</module-option>
<module-option name="java.naming.provider.url">
ldap://ldap.ust.hk/
</module-option>
<module-option name="java.naming.security.authentication">
simple
</module-option>
<module-option name="principalDNPrefix">uid=</module-option>
<module-option
name="principalDNSuffix">,ou=people,o=my.com</module-option>
<module-option
name="rolesCtxDN">ou=people,o=my.com</module-option>
<module-option name="uidAttributeID">uid</module-option>
<module-option name="matchOnUserDN">false</module-option>
<module-option name="roleAttributeID">userClass</module-option>
<module-option name="roleAttributeIsDN">false</module-option>
<module-option name="searchTimeLimit">50000</module-option>
<module-option name="searchScope">ONELEVEL_SCOPE</module-option>
</login-module>
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4243696#4243696
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4243696
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
