Hi there

Currently Fediz IDP/STS supports files and ldap. It is documented here (section 
"configure ldap directory") what to do to configure an LDAP directory:
http://cxf.apache.org/fediz-idp.html

Two classes were required to add LDAP support, and you need similar 
implementations for a datasource backend:
- JAAS LoginModule for the database (which does the authentication piece)
- ClaimsHandler for the database (which provides the role and other claims 
information)

Then you have to configure the JAAS login module similar to the LdapLoginModule:
mysource {
 com.sun.security.auth.module.LdapLoginModule REQUIRED
 userProvider="ldap://ldap.mycompany.org:389/OU=Users,DC=mycompany,DC=org"
 authIdentity="cn={USERNAME},OU=Users,DC=mycompany,DC=org"
 // useSSL=false: the password is sent to the LDAP server unencrypted
 useSSL=false
 debug=true;
};

And configure the datasource claims handler implementation:
<bean id="dsClaimsHandler"
    class="MyDatasourceClaimsHandler">
  <property name="whatever"
      value="value" />
</bean>

That's all. HTH

------

Oliver Wulff

Blog: http://owulff.blogspot.com
Solution Architect
http://coders.talend.com

Talend Application Integration Division http://www.talend.com

________________________________________
From: Alrick Telfer [[email protected]]
Sent: 07 January 2013 17:57
To: [email protected]
Subject: Changing the user/role data source for Fediz IdP running on Tomcat 7 
to a dynamic source

Hey guys,

CXF version: 2.7.1
Fediz version: 1.0.2

I'm relatively new to CXF and Fediz, so please bear with me and my
ignorance.

I'm trying to set up the Fediz IdP server to use a custom class or database
as its source of identity and role info. Right now you guys have a few xml
files that provide that data, but we need the data to be dynamic. Can you
guys lead me in the right direction to setting this up correctly? Remember,
I'm pretty new, so please give me as much info as you are able to give.

Thanks much!

--
*Alrick Telfer*
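
The JAAS LoginModule half of the reply above, sketched for a JDBC source as an added example (not code from this thread or from Fediz). The class name, the `jdbcUrl` option, the `users(username, salt, pw_hash)` table holding Base64 PBKDF2 values and the iteration count are all assumptions; it needs Java 8+ and a JDBC driver on the classpath.

```java
import java.security.MessageDigest;
import java.sql.*;
import java.util.Base64;
import java.util.Map;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

// Hypothetical database counterpart to LdapLoginModule (authentication only;
// roles and other claims come from the separate ClaimsHandler).
public class MyDatasourceLoginModule implements LoginModule {
    static final int ITERATIONS = 600_000; // assumed; must match how the hashes were stored
    private Subject subject;
    private CallbackHandler handler;
    private String jdbcUrl, user;          // jdbcUrl: assumed option name in the JAAS config
    public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
        subject = s; handler = h; jdbcUrl = (String) opts.get("jdbcUrl");
    }
    public boolean login() throws LoginException {
        NameCallback name = new NameCallback("user: ");
        PasswordCallback pass = new PasswordCallback("password: ", false);
        boolean ok = false;
        try {
            handler.handle(new Callback[] { name, pass });
            char[] pw = pass.getPassword();
            try (Connection c = DriverManager.getConnection(jdbcUrl);
                 PreparedStatement ps = c.prepareStatement(   // bound parameter, no string concatenation
                     "SELECT salt, pw_hash FROM users WHERE username = ?")) {
                ps.setString(1, name.getName());
                try (ResultSet rs = ps.executeQuery()) {
                    ok = pw != null && pw.length > 0 && rs.next()
                        && matches(pw, rs.getString(1), rs.getString(2));
                }
            }
        } catch (Exception e) {
            throw new LoginException("authentication backend error"); // no SQL detail to the caller
        } finally { pass.clearPassword(); }
        if (!ok) throw new FailedLoginException("invalid credentials"); // same text for unknown user and bad password
        user = name.getName();
        return true;
    }
    static boolean matches(char[] pw, String saltB64, String hashB64) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(pw, Base64.getDecoder().decode(saltB64), ITERATIONS, 256);
        byte[] got = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        return MessageDigest.isEqual(got, Base64.getDecoder().decode(hashB64)); // constant-time compare
    }
    public boolean commit() { return user != null && subject.getPrincipals().add(new com.sun.security.auth.UserPrincipal(user)); }
    public boolean abort()  { user = null; return true; }
    public boolean logout() { subject.getPrincipals().clear(); user = null; return true; }
}
```

In the JAAS configuration this class would take the place of `com.sun.security.auth.module.LdapLoginModule`, with `jdbcUrl="..."` as its option.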
