[JBoss-user] LdapLoginModule with Active Directory

Fri, 14 Mar 2003 03:39:21 -0800 

We're using the LdapLoginModule to authenticate and do authorization
against and Active Directory container.

But we're having two problems... 

---------------------------------
The first and more important one is:

Our users are separated in different "directories" according to the
functional area were they work on the organization. For instance:
\IT
\Commercial
\Users (generic ones)
\Financial

But while using the LdapLoginModule we can only search against one
directory. We believe that one of two things can happen... Either search
recursively against all the directories or be able to specify a set of
directories (in the configuration) were the search is done.

---------------------------------
The second one is:
Each user has a set of roles... Typically the user's roles will increase
a lot since for each report (I'm referring to a website that produces
financial information reports) that the user can access he will have a
set of roles... 
Typically we have three major groups of roles that most users will have
and than we have the exceptions... Those users that need to specifically
set roles. 

Suppose this is what we have:
User1   - role1
        - role2

User2 - role7
        - role8

What we'd like is to create 3 or 4 groups of roles and associate those
groups to the users. 

User1   - RoleGrp1 - role1
                 - role2

User2 - RoleGrp2 - role7
                 - role8

Once again, the problem is that while using the LdapLoginModule we can
only search against the first level of roles (if we have a group it
won't search inside of it). One choice would be to search recursively.
But if that is very complicated, being able to search two levels would
solve our problem.

-------------------------------

Can you help us with both of these problems?

Thanks in advance.


J. Diogo O. Ramos
mailto:[EMAIL PROTECTED]
_______________________________________
Critical Software, SA
http://www.criticalsoftware.com




-------------------------------------------------------
This SF.net email is sponsored by:Crypto Challenge is now open! 
Get cracking and register here for some mind boggling fun and 
the chance of winning an Apple iPod:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to