Diferent atribute to math roles in LdapLoginModule
lucasam Aug 9, 2004 9:48 AMThat's the deal
The users in my ldap server are as the folowing
CN=Lucas Alves Machado - Company objectclass=dominioPerson uid=lucasa
And the roles are
CN=RoleName objectclass=dominioGroup member=Lucas Alves Machado - Company member=Foo of Bar - Company
I am authenticating using username = lucasa, password=****
The autentication goes fine but i need to search for roles using the CN atribute of the user object. I found at the documentation a way to change the "context" of the roles but not the "atribute name"
the LDAP query to match my group would be as
(&(objectclass=dominioGroup)(member=Lucas Alves Machado - Company))
The problem is that i authenticate using lucasa and not "Lucas Alves Machado - Company"
Actualy my login-config.xml has the folowing
<application-policy name="jndiTest"> <authentication> <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option> <module-option name="java.naming.provider.url">ldap://10.XX.XX.XX:389/</module-option> <module-option name="java.naming.security.authentication">simple</module-option> <module-option name="principalDNPrefix"></module-option> <module-option name="principalDNSuffix"></module-option> <module-option name="rolesCtxDN">objectclass=dominoGroup</module-option> <module-option name="roleAttributeID">CN</module-option> <module-option name="uidAttributeID">member</module-option> <module-option name="matchOnUserDN">false</module-option> </login-module> </authentication> </application-policy>
and the log is as folowing
2004-07-09 10:22:34,263 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@25ef73 2004-07-09 10:22:34,264 DEBUG [org.jboss.security.plugins.JaasSecurityManager.jndiTest] CachePolicy set to: org.jboss.util.TimedCachePolicy@8b6c39 2004-07-09 10:22:34,264 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] setCachePolicy, c=org.jboss.util.TimedCachePolicy@8b6c39 2004-07-09 10:22:34,264 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Added jndiTest, org.jboss.security.plugins.SecurityDomainContext@16e334a to map
Regards,
Lucas Machado