-
1. Re: LDAP Roles and Authorization
bdaw Apr 29, 2010 12:45 PM (in response to fredcurry)http://community.jboss.org/wiki/GateInIdentityandSecurityFAQ - Q3
Just make all users to members in the /Platform/users group with group management portlet. If you have the /Platform/users group created in LDAP (as I can see in the screenshot) then you can also just add them manually in LDAP by adding all user DNs to the "member=" attribute values in this entry (cn=users, cn=Platform,o=portal,o=gatein,dc=example,dc=com)
-
2. Re: LDAP Roles and Authorization
fredcurry Apr 29, 2010 1:02 PM (in response to bdaw)Do I need to have the /Platform/users group? Ideally, I'd rather not use the out-of-the box roles at all, and drive the portal completely off of my top-level Roles container (eg platform/users becomes Roles/realtors, platform/administrators becomes Roles/administrators, etc...) . This would ultimately allow me to remove the gatein container entirely.
Based on Question 3 in the FAQ, what path would I use to reference Roles/realtors?
Fred
-
3. Re: LDAP Roles and Authorization
bdaw Apr 30, 2010 5:01 AM (in response to fredcurry)Groups under /Platform are builtin and a lot of permisions rely on them. I think nothing is hardcoded but to get rid of them you will need to reedit portal configuration files that you can find under "gatein.ear/02portal.war/WEB-INF/conf/portal" and swap with your own group and users.
For your group look in the group management portlet and see where it is displayed. This is the tree structure that you simply construct from root with /.