-
1. Re: Does jboss-portal 2.0 support LDAP?
xgj6688 Oct 17, 2005 10:24 PM (in response to xgj6688)sorry I make mistakes in my question.
It should be:
Does portal 2.0 support LDAP? Can I implement LDAP authentication in PORTAL? If I can, how about the steps?Thanks. -
2. Re: Does jboss-portal 2.0 support LDAP?
bsmithjj Oct 18, 2005 4:00 PM (in response to xgj6688)Does jboss-portal 2.0 support LDAP?
The portal does not support LDAP as a repository for portal roles...sort of.
What's happening is that your LDAP is not supplying the roles used by the JBoss Portal. The portal comes with two roles out-of-the-box:
* Admin
* User
You should review JBoss AS 4.0.X Server Guide (chapter 8 on security) to determine how you want to integrate your LDAP authentication with JBoss Portal. What I did for this was to implement a custom JAAS LoginModule (using JBoss SX base class) and after authenticating against our internal LDAP system, I automatically inserted a user into the portal's database with the User role (if he/she did not exist in the database). I also 'borrowed' some of the code from the JBoss Portal HibernateLoginModule class - specifically the code that gets the roles for a user. The result was a login module that used our corporate LDAP system AND JBoss Portal's DB to authenticate and authorize a user for the portal.
Hope this helps. -
3. Re: Does jboss-portal 2.0 support LDAP?
julien1 Oct 18, 2005 6:48 PM (in response to xgj6688)did you think about stacking the login modules instead of merging the code ?
-
4. Re: Does jboss-portal 2.0 support LDAP?
xgj6688 Oct 18, 2005 9:20 PM (in response to xgj6688)Thank Brad and Viet. Your raplies are so helpful. Brad's method is good, I think.
-
5. Re: Does jboss-portal 2.0 support LDAP?
julien1 Oct 18, 2005 9:32 PM (in response to xgj6688)yes it works. my point is about avoiding to fork code.
"xgj6688" wrote:
Thank Brad and Viet. Your raplies are so helpful. Brad's method is good, I think. -
6. Re: Does jboss-portal 2.0 support LDAP?
xgj6688 Oct 18, 2005 9:47 PM (in response to xgj6688)Thanks Viet. I am new to jBoss AS and portal, but I believe stacking the login modules to avoid fork code is a wonderful idea.
Thanks Viet and Brad again. -
7. Re: Does jboss-portal 2.0 support LDAP? STACKING vs. MERGING
bsmithjj Oct 19, 2005 8:17 AM (in response to xgj6688)Hi Julien,
Yes - I thought about stacking. At the time I wrote my LoginModule, I was under a deadline and was having some issues getting stacking to work the way I wanted. In hindsight, I should probably revisit the LoginModule-stacking approach and see if I can get it to work the way I want.
Thanks,
Brad
PS - there's no 'forking' of JBoss code; I simply created a new LoginModule in my system that borrows some of your HibernateLoginModule code. -
8. Re: Does jboss-portal 2.0 support LDAP?
julien1 Oct 19, 2005 8:27 AM (in response to xgj6688)I meant "fork" for the sake of avoiding duplication that makes then your code a problem to maintain when our code will evolve.
-
9. Re: Does jboss-portal 2.0 support LDAP?
cherngje Oct 19, 2005 3:30 PM (in response to xgj6688)"julien@jboss.com" wrote:
I meant "fork" for the sake of avoiding duplication that makes then your code a problem to maintain when our code will evolve.
I am having the exact same issues with the LDAP integration (same error message after I modify the login-config.xml and jboss-web.xml). Now, my boss would like me to write our own login module instead of waiting for jboss's code to be evolved. At this point I would like to try the idea of "stacking", however, could anyone give me a little detail about "stacking"? Some type of concept or abstraction description will be good enough. I can google for the rest of information.
Thanks a lot. -
10. Re: Does jboss-portal 2.0 support LDAP?
david.calvente Nov 2, 2005 3:05 AM (in response to xgj6688)I´m at the same point and I wonder if some one has reached any further steps.
I think stacking is the way, but I need some help on this to continue.
If I finish succesfully, I promise I post a WIKI explaining my work
Thanks
David -
11. Re: Does jboss-portal 2.0 support LDAP?
julien1 Nov 2, 2005 3:21 AM (in response to xgj6688)I have received a contribution from patrick that works in 2.0 and goes farther in the integration as it implements parts of the UserModule and RoleModule.
Also it is supposed to work only with MSAD, but the code uses LDAP interface, so I am wondering if this is compatible with any LDAP server.
I would like to have a solution that works for both, probably refactoring patrick's work is the best. -
12. Re: Does jboss-portal 2.0 support LDAP?
david.calvente Nov 2, 2005 4:12 AM (in response to xgj6688)Can i have access to it? Could you e-mail me that contribution?
So I could work itn that direction.
Thanks
David -
13. Re: Does jboss-portal 2.0 support LDAP?
rincewind23 Nov 2, 2005 8:58 PM (in response to xgj6688)I'd also be interested in seeing this code - I'd like to see if I can get it working against Novell's eDirectory.
Cheers,
KEv. -
14. Re: Does jboss-portal 2.0 support LDAP?
julien1 Nov 2, 2005 9:08 PM (in response to xgj6688)I think I need to ask Patrick because he did not sign any agreement and the code is his property.
Send me your mail address and I will ask him to send you this code.