0 Replies Latest reply on Dec 10, 2015 1:55 PM by cweiler

    How to define security domain mappings for principal and attribute in WildFly 9.0.2

    cweiler

      Hi,

       

      I have already successfully created a mapping for roles using this:

      <security-domain name="trepr_auth" cache-type="default">
          <authentication>
              <login-module code="LdapExtended" flag="required">
              [...]
              </login-module>
          </authentication>
          <mapping>
              <mapping-module code="DatabaseRoles" type="role">
                  <module-option name="dsJndiName" value="java:jboss/datasources/AuthorizationDS"/>
                  <module-option name="rolesQuery" value="SELECT REGRA FROM (SELECT c.CCOD_LOGIN AS login, f.CCOD_SIGLA AS regra FROM TB_SECMAN2_CREDENCIAL c, TB_SECMAN2_CREDENCIAL_PERFIL cp, TB_SECMAN2_PERFIL p, TB_SECMAN2_PERFIL_FUNCION pf, TB_SECMAN2_FUNCIONALIDADE f WHERE f.CCOD_OBJETO =pf.CCOD_OBJETO_FUNCIONALIDADE AND pf.CCOD_OBJETO_PERFIL =p.CCOD_OBJETO AND p.CCOD_OBJETO =cp.CCOD_OBJETO_PERFIL AND cp.CCOD_OBJETO_CREDENCIAL=c.CCOD_OBJETO UNION SELECT c.CCOD_LOGIN AS login, 'ADMIN' AS regra FROM TB_SECMAN2_CREDENCIAL c WHERE C.NSTA_ADMINISTRADOR = 1 ) WHERE login=?"/>
              </mapping-module>
          </mapping>
      </security-domain>
      

       

      But how can I do the mapping for attributes and principal?

       

      For attributes I tried this:

      <mapping-module code="org.jboss.security.mapping.providers.attribute.LdapAttributeMappingProvider" type="attribute">
          <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
          <module-option name="java.naming.provider.url" value="ldaps://10.6.40.242:3269"/>
          <module-option name="java.naming.security.authentication" value="simple"/>
          <module-option name="bindDN" value="***"/>
          <module-option name="bindCredential" value="***"/>
          <module-option name="baseCtxDN" value="***"/>
          <module-option name="baseFilter" value="(sAMAccountName={0})"/>
          <module-option name="searchTimeLimit" value="1000"/>
          <module-option name="attributeList" value="displayNamePrintable,employeeID,jpegPhoto"/>
      </mapping-module>
      

      Without success, and when I add this setting it breaks the already working role mapping above.

       

      And, lastly, I would like some guidelines for making a principal mapping.

       

       

      Thanks!!!