LdapAuthenticator
From Resin 3.0
(Difference between revisions)
Line 38: | Line 38: | ||
<init-param> directives are used to configure the properties of the LoginModule. Existing LoginModules provide documentation of the init-param that are accepted. | <init-param> directives are used to configure the properties of the LoginModule. Existing LoginModules provide documentation of the init-param that are accepted. | ||
Custom LoginModule implementations retrieve the init-param values in the initialize method: | Custom LoginModule implementations retrieve the init-param values in the initialize method: | ||
+ | |||
+ | = JAAS and LDAP = | ||
+ | |||
+ | {{:LDAP authentication}} |
Revision as of 00:01, 13 April 2006
Resin provides a LdapAuthenticator for the usage of any JAAS LoginModule.
Contents |
Example
resin-web.xml
<web-app xmlns="http://caucho.com/ns/resin"> <authenticator type="com.caucho.server.security.LdapAuthenticator"> <init> <jndi-env java.naming.factory.initial="test.DirInitialContextFactory"/> <dn-suffix>dc=example,dc=com</dn-suffix> <user-attribute>cn</user-attribute> <password-attribute>password</password-attribute> </init> </authenticator> </web-app>
<init> directives
tag | description |
---|---|
jndi-env | name/value attribute for assigning JNDI environment attributes |
dn-prefix | prefix string to add to the user name to create the full name |
dn-suffix | suffix string to add to the user name to create the full name |
user-attribute | attribute name for the user to create the full name, e.g. uid |
password-attribute | attribute name containing the password |
<init-param> directives are used to configure the properties of the LoginModule. Existing LoginModules provide documentation of the init-param that are accepted.
Custom LoginModule implementations retrieve the init-param values in the initialize method:
JAAS and LDAP
The Sun JDK includes a JndiLoginModule, which in turn is used with Resin's JaasAuthenticator to authenticate against an LDAP server.
Example
resin-web.xml
<web-app xmlns="http://caucho.com/ns/resin"> <authenticator type="com.caucho.server.security.JaasAuthenticator"> <init> <login-module>com.sun.security.auth.module.JndiLoginModule</login-module> <init-param user.provider.url="ldap://ldap.hogwarts.com/ou=People"/> <init-param group.provider.url="ldap://ldap.hogwarts.com/ou=Groups"/> <init-param debug="true"/> </init> </authenticator> </web-app>
<init-param> directives
directive | description | default |
---|---|---|
debug | If true, show debug information on stdout | false |