portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "JamesLiao (JIRA)" <jetspeed-...@portals.apache.org>
Subject [jira] Updated: (JS2-188) Implement the LDAP
Date Sun, 29 May 2005 01:46:53 GMT
     [ http://issues.apache.org/jira/browse/JS2-188?page=all ]

JamesLiao updated JS2-188:
--------------------------

    Attachment: assembly.zip

The current Ldap module is ok, but there are some errors here.
The following is detail to make it work.
1. Replace the last bean definition named placeholderConfig in jetspeed-spring.xml with the
following:
   <!-- Adds jetspeed.properties as our configuration object to support ${...} vars -->
   <!-- ${applicationRoot} is acutally set as a system property via the SpringEngine -->

   <bean id="placeholderConfig"
       class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
     <property name="locations">
	<list>
	   <value>file:///${applicationRoot}/WEB-INF/conf/jetspeed.properties</value>
	   <value>file:///${applicationRoot}/WEB-INF/conf/ldap.properties</value>
	</list>
     </property>
   </bean>

2. Add a bean definition into security-providers.xml
   <bean id="org.apache.jetspeed.security.LdapAuthenticationProvider" 
  	   class="org.apache.jetspeed.security.impl.AuthenticationProviderImpl"
   >  	   
      <constructor-arg index="0"><value>LdapAuthenticator</value></constructor-arg>
      <constructor-arg index="1"><value>The ldap authenticator</value></constructor-arg>
      <constructor-arg index="2"><value>login.conf</value></constructor-arg>
      <constructor-arg index="3"><ref bean="org.apache.jetspeed.security.spi.LdapCredentialHandler"/></constructor-arg>
      <constructor-arg index="4"><ref bean="org.apache.jetspeed.security.spi.LdapUserSecurityHandler"/></constructor-arg>
  </bean>

3. Add the above reference bean into bean org.apache.jetspeed.security.AuthenticationProviderProxy
   <!-- Security: Authentication Provider Proxy -->
  <bean id="org.apache.jetspeed.security.AuthenticationProviderProxy" 
  	   class="org.apache.jetspeed.security.impl.AuthenticationProviderProxyImpl"
  >  	   
     <constructor-arg >
       <list>
  	  <ref bean="org.apache.jetspeed.security.AuthenticationProvider"/>
	  <ref bean="org.apache.jetspeed.security.LdapAuthenticationProvider"/>
       </list>
     </constructor-arg>
     <constructor-arg ><value>DefaultAuthenticator</value></constructor-arg>
  </bean>

4. Change the file security-spi-ldap-atn.xml as following:
   <beans>

  <!-- ************** Security SPI Handlers ************** -->
  <!-- Security SPI: LdapUserCredentialDao -->
  <bean id="org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDao" 
       class="org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDaoImpl"
  >       
       <constructor-arg index="0"><value>${org.apache.jetspeed.ldap.ldapServerName}</value></constructor-arg>
      
       <constructor-arg index="1"><value>${org.apache.jetspeed.ldap.rootDn}</value></constructor-arg>
      
       <constructor-arg index="2"><value>${org.apache.jetspeed.ldap.rootPassword}</value></constructor-arg>
       <constructor-arg index="3"><value>${org.apache.jetspeed.ldap.rootContext}</value></constructor-arg>
 
       <constructor-arg index="4"><value>${org.apache.jetspeed.ldap.defaultDnSuffix}</value></constructor-arg>
       
  </bean>
  
  <!-- Security SPI: CredentialHandler -->
  <bean id="org.apache.jetspeed.security.spi.LdapCredentialHandler" 
       class="org.apache.jetspeed.security.spi.impl.LdapCredentialHandler"
  >       
       <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapUserCredentialDao"/></constructor-arg>
   
  </bean>
  
  <!-- Security SPI: UserSecurityHandler -->
  <bean id="org.apache.jetspeed.security.spi.LdapUserSecurityHandler" 
  	   class="org.apache.jetspeed.security.spi.impl.LdapUserSecurityHandler"
  >  	   
  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao"/></constructor-arg>
	   
  </bean>

  <!-- Security SPI: UserSecurityHandler -->
  <bean id="org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao" 
  	   class="org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDaoImpl"
  >  	   
  	   <constructor-arg index="0"><value>${org.apache.jetspeed.ldap.ldapServerName}</value></constructor-arg>
      
       <constructor-arg index="1"><value>${org.apache.jetspeed.ldap.rootDn}</value></constructor-arg>
      
       <constructor-arg index="2"><value>${org.apache.jetspeed.ldap.rootPassword}</value></constructor-arg>
       <constructor-arg index="3"><value>${org.apache.jetspeed.ldap.rootContext}</value></constructor-arg>
 
       <constructor-arg index="4"><value>${org.apache.jetspeed.ldap.defaultDnSuffix}</value></constructor-arg>
	   
  </bean>
</beans>

Notes:
1. The above steps enable multi authentication providers(The default database and a customer's
ldap), so you can not 
remove the original security-spi-atn.xml.

2. The ldap entry which can be identified by J2 have many constrains like objectClass must
be jetspeed-2-user 
or jetspeed-2-group. I am thinking about can we make them all configurable through spring
bean definition.

You can check all my configuration file in attachments.

> Implement the LDAP
> ------------------
>
>          Key: JS2-188
>          URL: http://issues.apache.org/jira/browse/JS2-188
>      Project: Jetspeed 2
>         Type: Improvement
>   Components: Security
>     Reporter: J, Edgar Zavala
>  Attachments: assembly.zip, jetspeed-2-ldap-authentication.tar.gz
>
> Implement the LDAP integration using the SPI, provide the LDAP authenitcation option.
> TODO:
> 1.- Complete the current implementation and complete the David work in:
>    a) org.apache.jetspeed.security.spi.impl.LdapCredentialHandler
>    b) org.apache.jetspeed.security.spi.impl.LdapUserSecurityHandler

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message