archiva-commits mailing list archives

From eveni...@apache.org
Subject svn commit: r682713 - /archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/resources/META-INF/plexus/application.xml
Date Tue, 05 Aug 2008 13:56:29 GMT
Author: evenisse
Date: Tue Aug  5 06:56:28 2008
New Revision: 682713

URL: http://svn.apache.org/viewvc?rev=682713&view=rev
Log:
Add LDAP snippet

Modified:
    archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/resources/META-INF/plexus/application.xml

Modified: archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/resources/META-INF/plexus/application.xml
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/resources/META-INF/plexus/application.xml?rev=682713&r1=682712&r2=682713&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/resources/META-INF/plexus/application.xml
(original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/resources/META-INF/plexus/application.xml
Tue Aug  5 06:56:28 2008
@@ -219,6 +219,171 @@
         </requirement>
       </requirements>
     </component>
+
+    <!-- START SNIPPET: ldap -->
+    <!-- 
+       Ldap Authentication can be enabled by setting enabling these components and setting
the following configuration options in your security.properties file
+
+       ============================================================
+       user.manager.impl=ldap
+       ldap.bind.authenticator.enabled=true
+       redback.default.admin=admin
+       redback.default.guest=guest
+       security.policy.password.expiration.enabled=false
+
+       ldap.config.hostname=ldap.hostname
+       ldap.config.port=389
+       ldap.config.base.dn=o=com
+       ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
+       ldap.config.bind.dn=uid=myusername,o=com
+       ldap.config.password=s3cr3t
+       #ldap.config.authentication.method=
+       ============================================================
+
+       * ldap.config.hostname - The hostname of the ldap server
+       * ldap.config.port - The port of the ldap server
+       * ldap.config.base.dn - The baseDn of the ldap system
+       * ldap.config.context.factory - context factory for ldap connections
+       * ldap.config.bind.dn - the core user used for authentication the ldap server, must
be able to perform the necessary searches, etc.
+       * ldap.config.password - password for the bindDn for the root ldap connection
+
+       until this process is better documented, the following is the document for configuration
ldap with redback
+      
+       http://redback.codehaus.org/integration/ldap.html
+    -->
+
+    <!--
+    
+    this component manages the connection to the ldap server
+     -->
+
+    <!-- component>
+      <role>org.codehaus.plexus.redback.common.ldap.connection.LdapConnectionFactory</role>
+      <role-hint>configurable</role-hint>
+      <implementation>org.codehaus.plexus.redback.common.ldap.connection.ConfigurableLdapConnectionFactory</implementation>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
+        </requirement>
+      </requirements>
+    </component-->
+    
+    <!-- 
+    
+    this component manages the mapping of attributes in ldap to user information in redback.
To configure the mapping, you can add the following properties in your security.properties
+
+       ============================================================
+       ldap.config.mapper.attribute.email=mail
+       ldap.config.mapper.attribute.fullname=givenName
+       ldap.config.mapper.attribute.password=userPassword
+       ldap.config.mapper.attribute.user.id=cn
+       ldap.config.mapper.attribute.user.base.dn=
+       ldap.config.mapper.attribute.user.object.class=inetOrgPerson
+       ldap.config.mapper.attribute.user.filter=(attributeName=value)
+       ============================================================
+
+
+     * email-attribute - The name of the attribute on a user that contains the email address
+     * full-name-attribute - The name of the attribute on a user that contains the users
fullName
+     * password-attribute - The name of the attribute containing the users password, used
for the authentiction using the user manager and not the ldap bind authenticator
+     * user-id-attribute - The name of the attribute containing the users userId, most commonly
cn or sn.
+     * user-base-dn - The base dn that will be subtree searched for users.
+     * user-object-class - the objectClass used in the ldap server for indentifying users,
most commonly inetOrgPerson.
+     -->
+    
+    <!-- component>
+      <role>org.codehaus.plexus.redback.common.ldap.UserMapper</role>
+      <role-hint>ldap</role-hint>
+      <implementation>org.codehaus.plexus.redback.common.ldap.LdapUserMapper</implementation>
+      <configuration>
+        <email-attribute>email</email-attribute>
+        <full-name-attribute>givenName</full-name-attribute>
+        <password-attribute>userPassword</password-attribute>
+        <user-id-attribute>cn</user-id-attribute>
+        <user-base-dn>o=com</user-base-dn>
+        <user-object-class>inetOrgPerson</user-object-class>
+      </configuration>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
+        </requirement>
+      </requirements>
+    </component-->
+    
+    <!--
+     
+    If caching is desired to improve performance then make uncomment this and make sure the
following configuration parameter is in the security.properties
+     
+    user.manager.impl=cached
+    -->
+     
+    <!-- component>
+      <role>org.codehaus.plexus.redback.users.UserManager</role>
+      <role-hint>cached</role-hint>
+      <implementation>org.codehaus.plexus.redback.users.cached.CachedUserManager</implementation>
+      <description>CachedUserManager</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.users.UserManager</role>
+          <role-hint>ldap</role-hint>
+          <field-name>userImpl</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.ehcache.EhcacheComponent</role>
+          <role-hint>users</role-hint>
+          <field-name>usersCache</field-name>
+        </requirement>
+      </requirements>
+    </component-->
+    
+    <!-- 
+    
+    if using the user manager authenticator to authenticate the user and not the ldap bind
authenticator make sure
+    this definition has the correct password encoder
+    
+    Note: you should probably just use the ldap bind authenticator which is enabled by putting
+    
+    ldap.bind.authenticator.enabled=true
+    
+    in the security.properties
+    -->
+    
+    <!-- component>
+      <role>org.codehaus.plexus.redback.policy.UserSecurityPolicy</role>
+      <role-hint>default</role-hint>
+      <implementation>org.codehaus.plexus.redback.policy.DefaultUserSecurityPolicy</implementation>
+      <description>User Security Policy.</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
+          <field-name>config</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.policy.PasswordEncoder</role>
+          <role-hint>sha1</role-hint>
+          <field-name>passwordEncoder</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.policy.UserValidationSettings</role>
+          <field-name>userValidationSettings</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.policy.CookieSettings</role>
+          <role-hint>rememberMe</role-hint>
+          <field-name>rememberMeCookieSettings</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.policy.CookieSettings</role>
+          <role-hint>signon</role-hint>
+          <field-name>signonCookieSettings</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.policy.PasswordRule</role>
+          <field-name>rules</field-name>
+        </requirement>
+      </requirements>
+    </component-->
+    <!-- END SNIPPET: ldap -->
   </components>
 
   <lifecycle-handler-manager implementation="org.codehaus.plexus.lifecycle.DefaultLifecycleHandlerManager">
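Review bot: The sample security.properties in the first comment pairs `ldap.config.port=389` with `ldap.bind.authenticator.enabled=true` and a plaintext `ldap.config.password`, and nothing in the snippet mentions transport protection, so an operator who copies it as written would, as far as the visible settings show, bind to the directory and relay user passwords over unencrypted LDAP. I would add a line under the option list such as `* NOTE: port 389 is unencrypted; use LDAPS or StartTLS if your directory and connection factory support it, restrict read access to security.properties, and make ldap.config.bind.dn a read-only search account rather than an administrative one.` The description of `ldap.config.bind.dn` as the "core user" for the "root ldap connection" also reads as if a privileged account were expected, which is worth rewording. Separately, the mapper example is inconsistent: the properties block maps `ldap.config.mapper.attribute.email=mail` while the commented component sets `<email-attribute>email</email-attribute>`; one of the two should be aligned, presumably to `mail` given the `inetOrgPerson` object class. The `sha1` role-hint on the `PasswordEncoder` requirement deserves a short comment stating that it must match the hash format stored in `userPassword` and only matters when the bind authenticator is not used.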


