Hi,
I have already successfully created a mapping for roles using this:
<security-domain name="trepr_auth" cache-type="default">
    <authentication>
        <login-module code="LdapExtended" flag="required">
            [...]
        </login-module>
    </authentication>
    <mapping>
        <mapping-module code="DatabaseRoles" type="role">
            <module-option name="dsJndiName" value="java:jboss/datasources/AuthorizationDS"/>
            <module-option name="rolesQuery" value="SELECT REGRA FROM (SELECT c.CCOD_LOGIN AS login, f.CCOD_SIGLA AS regra FROM TB_SECMAN2_CREDENCIAL c, TB_SECMAN2_CREDENCIAL_PERFIL cp, TB_SECMAN2_PERFIL p, TB_SECMAN2_PERFIL_FUNCION pf, TB_SECMAN2_FUNCIONALIDADE f WHERE f.CCOD_OBJETO =pf.CCOD_OBJETO_FUNCIONALIDADE AND pf.CCOD_OBJETO_PERFIL =p.CCOD_OBJETO AND p.CCOD_OBJETO =cp.CCOD_OBJETO_PERFIL AND cp.CCOD_OBJETO_CREDENCIAL=c.CCOD_OBJETO UNION SELECT c.CCOD_LOGIN AS login, 'ADMIN' AS regra FROM TB_SECMAN2_CREDENCIAL c WHERE C.NSTA_ADMINISTRADOR = 1 ) WHERE login=?"/>
        </mapping-module>
    </mapping>
</security-domain>
But how can I do mapping for attributes and principal?
For attributes I tried this:
<mapping-module code="org.jboss.security.mapping.providers.attribute.LdapAttributeMappingProvider" type="attribute">
    <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
    <module-option name="java.naming.provider.url" value="ldaps://10.6.40.242:3269"/>
    <module-option name="java.naming.security.authentication" value="simple"/>
    <module-option name="bindDN" value="***"/>
    <module-option name="bindCredential" value="***"/>
    <module-option name="baseCtxDN" value="***"/>
    <module-option name="baseFilter" value="(sAMAccountName={0})"/>
    <module-option name="searchTimeLimit" value="1000"/>
    <module-option name="attributeList" value="displayNamePrintable,employeeID,jpegPhoto"/>
</mapping-module>
Without success, and when I put this setting in, it breaks the already working role mapping above.
And, lastly, I would like some guidelines to make a principal mapping.
Thanks!!!