[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?

2006-03-31 Thread jaco.joubert 
I think my role mapping question is basically answered by this thread:  
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=77709

Seems like I'll have to do this mapping myself, as the spec is not clear on 
this.

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3934119#3934119

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3934119


---
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?

2006-03-31 Thread jaco.joubert 
I'm glad you solved the roles problem in your configuration.

With this configuration, you are mapping your groups in LDAP directly to the 
security roles configured in your JBoss deployments.  This means that you are 
effectively using the same group / role names.

Does anyone know if it's possible to map your LDAP (or whichever auth store you 
use) groups to different role names in JBoss.

Let's say I have a group called "Administrators" in my LDAP store, but I want 
to use a role named "app-admin" in my deployed applications.  All users in the 
"Administrators" group should be mapped to "app-admin" for J2EE security 
purposes.

Is there a standard way of doing this mapping, or should I do it in a custom 
way with my own LoginModule?

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3934108#3934108

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3934108


---
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?

2006-03-31 Thread cwad0000 
works now, had to change the above config to


  | ...
  | OU=All 
Users,DC=DOMAIN,DC=COM
  | (sAMAccountName={0})
  | ...
  | 

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933971#3933971

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933971


---
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?

2006-03-30 Thread cwad0000 
hm, had some errors in the above config please ignore it,as far as I can see 
the code below should be correct
it still does not work though, same problem: I get authenticated but it says 
that I do not have the specified role.


  | 
  |   
  | 
  |   com.sun.jndi.ldap.LdapCtxFactory
  |   ldap://somedomain.com:389/
  |   simple
  |   [EMAIL PROTECTED]
  |   password
  |   OU=All 
Users,DC=DOMAIN,DC=COM
  |   (sAMAccountName={0})
  |   OU=AllCorporateGroups,DC=DOMAIN,DC=COM
  |   (member={1})
  |   true
  |   memberOf
  |   cn
  |   -1
  | 
  |   
  | 
  | 

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933708#3933708

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933708


---
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?

2006-03-29 Thread cwad0000 
thanks for the replies,

I have read those pages (and all other information I could find)...
Am I wrong in assuming that I need to do a mapping of my group names in active 
directory to the role names defined in web.xml?

this is my login-config.xml


  

  com.sun.jndi.ldap.LdapCtxFactory
  ldap://somedomain.com:389/
  simple
  [EMAIL PROTECTED]
  PASSWORD
  OU=All 
Users,DC=DOMAIN,DC=COM
  (sAMAccountName={0})
  OU=AllCorporateGroups,DC=DOMAIN,DC=COM
  (member={0})
  cn
  memberOf
  cn
  -1

  


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933596#3933596

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933596


---
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?

2006-03-29 Thread [EMAIL PROTECTED] 
http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapExtLoginModule
http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapLoginModule

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933516#3933516

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933516


---
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: Mapping ldap groups to jboss roles? where?

2006-03-29 Thread schuller007 
How did you define your Active Directory connection?

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933472#3933472

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933472


---
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user