get attributes of application-policy
schachi Oct 12, 2005 12:48 PM
i have a web application running on JBoss 4.0.3rc1 which authenticates against an LDAP. everything works fine.
now, i have to search ldap for all existing roles.
jboss-service.xml
<mbean code="org.jboss.naming.ExternalContext"
       name="jboss.jndi:service=ExternalContext,jndiName=external/ldap/jboss">
  <attribute name="JndiName">external/ldap/jboss</attribute>
  <attribute name="Properties">
    java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
    java.naming.provider.url=ldap://localhost:389
    java.naming.security.principal=cn=Manager,dc=eactAG,dc=ch
    java.naming.security.authentication=simple
    java.naming.security.credentials=testonetwoonetwo
  </attribute>
  <attribute name="InitialContext">
    javax.naming.ldap.InitialLdapContext
  </attribute>
  <attribute name="RemoteAccess">true</attribute>
</mbean>
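import javax.naming.InitialContext;
import javax.naming.NamingEnumeration;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapContext;

try {
    // Look up the LDAP context bound by the ExternalContext mbean
    InitialContext jndiContext = new InitialContext();
    LdapContext ldapCtx = (LdapContext) jndiContext.lookup("external/ldap/jboss");

    // Return only the cn attribute of every entry below the roles context
    String filter = "(objectclass=*)";
    String[] attrIDs = {"cn"};
    SearchControls ctls = new SearchControls();
    ctls.setReturningAttributes(attrIDs);
    ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);

    NamingEnumeration answer = ldapCtx.search("ou=Roles,dc=eactAG,dc=ch", filter, ctls);
    while (answer.hasMore()) {
        SearchResult sr = (SearchResult) answer.next();
        try {
            System.err.println((String) sr.getAttributes().get("cn").get());
        } catch (Exception ex) {
            // entry without a usable cn attribute: skipped
        }
    }
} catch (Exception ex) {
    ex.printStackTrace();
}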
works fine, but i have to make it more generic. one way is to pass the ldap-properties rolesCtxDN and roleAttributeID, but i'm not pleased with it because this information is already declared in the login-config.xml
(login-config.xml)
<authentication>
  <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
    <module-option name="java.naming.provider.url">ldap://localhost:389/</module-option>
    <module-option name="rolesCtxDN">ou=Roles,dc=eactAG,dc=ch</module-option>
    <module-option name="matchOnUserDN">true</module-option>
    <module-option name="principalDNSuffix">,ou=People,dc=eatAG,dc=ch</module-option>
    <module-option name="principalDNPrefix">uid=</module-option>
    <module-option name="uidAttributeID">member</module-option>
    <module-option name="roleAttributeID">cn</module-option>
    <module-option name="roleAttributeIsDN">false</module-option>
    <module-option name="unauthenticatedIdentity">guest</module-option>
  </login-module>
</authentication>
is there a way to get this information in a java program? i read the api (*securitymanager* +-), but i didn't find anything.
do i really have to administer this information redundantly?
thank you for your reply
marc
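
One way to read `rolesCtxDN` and `roleAttributeID` from login-config.xml rather than declaring them a second time, as an added example that is not part of the original post and not a JBoss API: it parses the file with the JDK's DOM parser, with external DTD loading and external entities switched off. The class and method names, the `<policy>` wrapper and the policy name `example-ldap` are assumptions; the inline XML is a constructed sample built from the options shown in the post.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

public class LoginConfigOptions {

    // Parse without fetching an external DTD or resolving external entities.
    static Document parse(byte[] xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setExpandEntityReferences(false);
        return f.newDocumentBuilder().parse(new ByteArrayInputStream(xml));
    }

    // Collect the module-option values of one application-policy, keyed by option name.
    // If the policy stacks several login modules, later options overwrite earlier ones.
    static Map<String, String> moduleOptions(Document doc, String policyName) {
        Map<String, String> options = new LinkedHashMap<>();
        NodeList policies = doc.getElementsByTagName("application-policy");
        for (int i = 0; i < policies.getLength(); i++) {
            Element policy = (Element) policies.item(i);
            if (!policyName.equals(policy.getAttribute("name"))) continue;
            NodeList opts = policy.getElementsByTagName("module-option");
            for (int j = 0; j < opts.getLength(); j++) {
                Element opt = (Element) opts.item(j);
                options.put(opt.getAttribute("name"), opt.getTextContent().trim());
            }
        }
        return options;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: policy name "example-ldap" is hypothetical; options are from the post.
        String xml = "<policy><application-policy name=\"example-ldap\"><authentication>"
            + "<login-module code=\"org.jboss.security.auth.spi.LdapLoginModule\" flag=\"required\">"
            + "<module-option name=\"rolesCtxDN\">ou=Roles,dc=eactAG,dc=ch</module-option>"
            + "<module-option name=\"roleAttributeID\">cn</module-option>"
            + "</login-module></authentication></application-policy></policy>";
        Map<String, String> o = moduleOptions(parse(xml.getBytes(StandardCharsets.UTF_8)), "example-ldap");
        System.out.println(o.get("rolesCtxDN") + " / " + o.get("roleAttributeID"));
    }
}
```

The two values returned can replace the hard-coded search base and attribute name in the role search, so the role context stays defined in one place.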