[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?
I think my role mapping question is basically answered by this thread: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=77709 Seems like I'll have to do this mapping myself, as the spec is not clear on this. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3934119#3934119 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3934119 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?
I'm glad you solved the roles problem in your configuration. With this configuration, you are mapping your groups in LDAP directly to the security roles configured in your JBoss deployments. This means that you are effectively using the same group / role names. Does anyone know if it's possible to map your LDAP (or whichever auth store you use) groups to different role names in JBoss. Let's say I have a group called "Administrators" in my LDAP store, but I want to use a role named "app-admin" in my deployed applications. All users in the "Administrators" group should be mapped to "app-admin" for J2EE security purposes. Is there a standard way of doing this mapping, or should I do it in a custom way with my own LoginModule? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3934108#3934108 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3934108 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?
works now, had to change the above config to | ... | OU=All Users,DC=DOMAIN,DC=COM | (sAMAccountName={0}) | ... | View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933971#3933971 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933971 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?
hm, had some errors in the above config please ignore it,as far as I can see the code below should be correct it still does not work though, same problem: I get authenticated but it says that I do not have the specified role. | | | | com.sun.jndi.ldap.LdapCtxFactory | ldap://somedomain.com:389/ | simple | [EMAIL PROTECTED] | password | OU=All Users,DC=DOMAIN,DC=COM | (sAMAccountName={0}) | OU=AllCorporateGroups,DC=DOMAIN,DC=COM | (member={1}) | true | memberOf | cn | -1 | | | | View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933708#3933708 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933708 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?
thanks for the replies, I have read those pages (and all other information I could find)... Am I wrong in assuming that I need to do a mapping of my group names in active directory to the role names defined in web.xml? this is my login-config.xml com.sun.jndi.ldap.LdapCtxFactory ldap://somedomain.com:389/ simple [EMAIL PROTECTED] PASSWORD OU=All Users,DC=DOMAIN,DC=COM (sAMAccountName={0}) OU=AllCorporateGroups,DC=DOMAIN,DC=COM (member={0}) cn memberOf cn -1 View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933596#3933596 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933596 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?
http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapExtLoginModule http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapLoginModule View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933516#3933516 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933516 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?
How did you define your Active Directory connection? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933472#3933472 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933472 --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user