Hi JB How can I tell which login module is used for authentication (LDAP) and which for authorization (PropertiesFile)? If I configure a list of login modules, I thought JAAS will login with username/password in each login module.
Thanks Oli ________________________________________ From: Jean-Baptiste Onofré [[email protected]] Sent: 22 August 2013 10:20 To: [email protected] Subject: Re: LDAP authentication must role management in properties file Hi, yes, the same realm (let say Karaf) can use several login module. It's leverage JAAS. You can do that directly with the jaas:* commands. Or you can define both login modules in the same blueprint and define a rank for the login module: <jaas:config name="myrealm"> <jaas:module className="org.apache.karaf.jaas.modules.properties.PropertiesLoginModule" flags="required"> users = $[karaf.base]/etc/users.properties </jaas:module> <jaas:module className="org.apache.karaf.jaas.modules.ldap.LdapLoginModule ...."/> </jaas:config> You have more details here: http://karaf.apache.org/manual/latest-2.3.x/developers-guide/security-framework.html Regards JB On 08/22/2013 10:14 AM, Oliver Wulff wrote: > Hi there > > I'm looking for a solution to use the LDAP Login Module only for > authentication and another module (ex. PropertiesLoginModule) to manage > the roles? > > Thanks > > Oli > -- Jean-Baptiste Onofré [email protected] http://blog.nanthrax.net Talend - http://www.talend.com
