2 Replies Latest reply on Mar 28, 2011 9:52 AM by Daryl Hoyt

    Setting the LDAP role for Karaf

    Daryl Hoyt Newbie

      I have LDAP setup in my ServiceMix 4 environment using the ldap-module.xml file.  The issue is that as long as a user on the LDAP server has a valid login, they can sign into karaf.  What I would really like is to only allow login if the user is a member of the smxAdmin group (cn=smxAdmin,ou=roles,dc=example,dc=com).  I looked at both the org.apache.karaf.shell.cfg and system.properties files, but I don't see a place to add the role I want to compare against.  I'd like to use this with all Karaf logins (karaf, SSH, and Web Console). 

       

       

      Any idea how I can accomplish this?

        • 1. Re: Setting the LDAP role for Karaf
          Torsten Mielke Apprentice

          It is currently not possible to specify a different admin role name in ServiceMix 4.3.

          ServiceMix 4.4 will use Karaf 2.2 and will then allow to specify the admin role name in etc/system.properties in the configuration variable

          karaf.admin.role=admin

           

          But again, this is currently not possible in ServiceMix 4.3.1. Right now the role name needs to be called "admin".

           

          Also see ESB-1409

          • 2. Re: Setting the LDAP role for Karaf
            Daryl Hoyt Newbie

            I added a new role named admin (cn=admin,ou=roles,dc=example,dc=com), and added a couple users to it.  I tried again, and I can still get in with users who are members and users who are not members of that admin group.  Any ideas why?

             

            Also,  any idea when 4.4 will be released?