-
1. Re: Login with LDAP into the management console
nickarls Nov 26, 2012 2:24 AM (in response to pjbijl567)The documentation doesn't give any hints that would indicate it to be possible.
-
2. Re: Login with LDAP into the management console
pjbijl567 Nov 26, 2012 3:44 AM (in response to nickarls)I think it should be possible when you use a ldap filter using memberOf.
This is what I already found out. The problem is getting it to work within the own environment. It would be nice if there was some more documentation about this subject. It is a common scenario for a production environment.
-
3. Re: Login with LDAP into the management console
jaikiran Nov 26, 2012 9:20 AM (in response to pjbijl567)Peter Bijl wrote:
Is it also possible to restrict on groups?
For instance only people which belong to a certain ldap group are allowed to login to the management console.
Darran pointed me to a couple of JIRAs you might be interested in watching:
-
4. Re: Login with LDAP into the management console
pjbijl567 Nov 26, 2012 3:21 PM (in response to jaikiran)I managed to get a working solution with Active Directory 2008R2:
host.xml
======
<security-realm name="ManagementRealmLDAP">
<authentication>
<ldap connection="ldap_connection" recursive="true" base-dn="CN=Users,DC=petersplanet,DC=corp">
<advanced-filter filter="(&(sAMAccountName={0})(memberOf=CN=JBossAdmins,CN=Users,DC=petersplanet,DC=corp))"/>
</ldap>
</authentication>
</security-realm>
<outbound-connections>
<ldap name="ldap_connection" url="ldap://win17:389" search-dn="CN=ldapuser,CN=Users,DC=petersplanet,DC=corp" search-credential="secret"/>
</outbound-connections>