-
1. Re: HOWTO: Replace portal authentication and authorization
theute Feb 12, 2007 3:53 PM (in response to arnieaustin)The classes are part of the 'identity' module.
-
2. Re: HOWTO: Replace portal authentication and authorization
dleerob Feb 13, 2007 1:17 AM (in response to arnieaustin)I had some issues when enabling LDAP authentication using JBoss Portal 2.4.1. The authentication worked, but the securities did not. This is what I ended up doing. Maybe it will help you in some way:
- I downloaded the source (2.4.1) so I could build the JBoss Portal myself.
- I DID NOT enable LDAP authenitcation and used the standard setup that comes with JBoss Portal.
- I created all the users I wanted in JBoss Portal the usual way, all with the same password, for example, "mypassword", but made sure that each username corresponded to the user name in my LDAP directory.
- I downloaded the JLdap library from www.openldap.org.
- I put the jar file in the portal lib directory.
- I added the jar file to jboss-portal-2.4.1-src\thirdparty.
- Added the classpath to jboss-portal-2.4.1-src\identity\build.xml.
- I edited jboss-portal-2.4.1-src\identity\src\main\org\jboss\portal\identity\auth\IdentityLoginModule in the JBoss Portal source code and added my own LDAPAuthentication method.
- In IdentityLoginModule, I edited the method validatePassword, and at the top of it, I called my LDAPAuthentication method with the supplied username and password, which then returned true if LDAP authenitcation passed, or false if it failed. If true was returned, I changed the supplied password to "mypassword" in validatePassword method, otherwise I changed it to "incorrect" or some other incorrect string. Now the rest of validatePassword method continues normally, and will login the user locally if they used their correct LDAP password.
- I built the portal source from scratch, and my customized LDAP authentication worked perfectly.
A workaround I know, but it works, and hopefully will help someone else.
When JBoss Portal 2.6 is stable, I will upgrade to that, and all of this will probably fall away -
3. Re: HOWTO: Replace portal authentication and authorization
bdaw Feb 13, 2007 4:56 AM (in response to arnieaustin)
arnieAustin: UserModule and RoleModule are interfaces that you need to implement. UserModuleImpl and RoleModuleImpl are JBP implementation you can use as an example. To plug in your implementation change those class names in core/src/resources/portal-sar/META-INF/jboss-service.xml
dleerob: Did you try using LdapLoginModule from JBossSX and adding all the users in LDAP to a role called "Authenticated"?
JBoss Portal 2.6 will come with some ready implementations of user/roles modules for LDAP -
4. Re: HOWTO: Replace portal authentication and authorization
dleerob Feb 14, 2007 1:54 AM (in response to arnieaustin)bdaw: I followed the wiki at: http://wiki.jboss.org/wiki/Wiki.jsp?page=UsingAnLDAPSourceForPortalAuthentication
I did create a role "Authenticated" in LDAP and assign it to everyone in our company.
The LDAP authentication did work, but because I also had to create users locally to match the users in LDAP, the securities to pages etc did not work when I used the LDAP password for a user. It only worked when using the local JBoss password for that user. That's why I ended up with my own workaround. Seemed no one could help. -
5. Re: HOWTO: Replace portal authentication and authorization
nm-156 Sep 10, 2007 1:36 PM (in response to arnieaustin)PostPosted: Tue Feb 13, 2007 04:56 AM Post subject: Re: HOWTO: Replace portal authentication and authorization
arnieAustin: UserModule and RoleModule are interfaces that you need to implement. UserModuleImpl and RoleModuleImpl are JBP implementation you can use as an example. To plug in your implementation change those class names in core/src/resources/portal-sar/META-INF/jboss-service.xml
dleerob: Did you try using LdapLoginModule from JBossSX and adding all the users in LDAP to a role called "Authenticated"?
JBoss Portal 2.6 will come with some ready implementations of user/roles modules for LDAP
I am looking at the jboss-service.xml file under my portal .sar directory (JBP 2.6.1), but I am not getting any matches when I scan for UserModuleImpl or RoleModuleImpl. Which entries have to be changed to plug in custom login/role implementations?
Thanks.