geronimo-dev mailing list archives

From "David Jencks (JIRA)" <j...@apache.org>
Subject [jira] Commented: (GERONIMO-4818) Can not configure username and password of logging in the server through ldap
Date Fri, 28 Aug 2009 06:56:59 GMT

    [ https://issues.apache.org/jira/browse/GERONIMO-4818?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12748693#action_12748693 ]

David Jencks commented on GERONIMO-4818:
----------------------------------------

1. If possible, could you re-attach your patches granting license to use them to asf (check
box on attach file form).  Then we can try to set up an integration test or sample showing
how to do this.  I failed the last time I looked at this because I couldn't determine a reasonable
ldap schema, a problem you have apparently solved.

2. I __STRONGLY__ recommend approaching this by replacing server-security-config entirely
with a new plugin with the actual server security setup you want: server-security-config as
shipped is a toy example to demonstrate that the server works.

3. If you build the plugin with maven and the car-maven-plugin you can include an artifact-alias
so your plugin will replace the server-security-config plugin the next time the server starts.

There is some advice on how to do (3) in slides from a presentation, http://people.apache.org/~djencks/AdministeringGeronimo.pdf.
 I had a sample project working at one point but I can't find it right now.

> Can not configure username and password of logging in the server through ldap
> -----------------------------------------------------------------------------
>
>                 Key: GERONIMO-4818
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4818
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security, Tomcat
>    Affects Versions: 2.2
>         Environment: xp:sp2
> jdk 1.6
>            Reporter: liangkun
>         Attachments: geronimo-realm.ldif, ldap.xml
>
>
> 1. Set up Apache Directory Server
> 2. Copy geronimo-realm.ldif to your ldap server and run command to import your ldap entries:
> $ ldapmodify -h [your_ldap_server_ip] -p 10389 -D "uid=admin,ou=system" -w secret -a -f [your_geronimo-realm_path]
> also you can use other 3rd-party directory client tool such as Apache Directory Studio to import this ldap file.
> 3. Customize ldap server ip : <log:option name="connectionURL">ldap://<your host ip>:10389</log:option> in ldap.xml and copy it to your wasce server, and go to wasce server bin directory and run command:
>   deploy.sh/bat --user system --password manager deploy <deployment_plan_home>/ldap.xml
>   also you can deploy it via admin console "deploy new"->"archive plan" :ldap.xml
> 4. Shut down wasce server, and modify $your_geronimo_server/var/config/config.xml as below:
>     change <module name="org.apache.geronimo.framework/server-security-config/2.1.4/car"/> to
> <module name="org.apache.geronimo.framework/server-security-config/2.1.4/car">
> <gbean name="geronimo-admin" load="false"/>
> </module>
> 5. Restart Geronimo server, and log in to it with username: test, password: manager.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
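
A check for step 4 of the quoted procedure, as an added example that is not part of the original message or of Geronimo: it reports whether the shipped geronimo-admin gbean is still loaded in a config.xml. The function names and both sample documents are constructed for illustration, and the code assumes a missing load attribute means the element is loaded.

```python
import xml.etree.ElementTree as ET

# Constructed samples shaped like the config.xml snippet in step 4 above.
BEFORE = """<attributes>
  <module name="org.apache.geronimo.framework/server-security-config/2.1.4/car"/>
</attributes>"""

AFTER = """<attributes>
  <module name="org.apache.geronimo.framework/server-security-config/2.1.4/car">
    <gbean name="geronimo-admin" load="false"/>
  </module>
</attributes>"""

# Module id prefix taken from the message; the version part is left open.
MODULE_PREFIX = "org.apache.geronimo.framework/server-security-config/"


def local(tag):
    """Drop any XML namespace so the check works with or without one."""
    return tag.rsplit("}", 1)[-1]


def is_off(elem):
    """Assumption: an element without a load attribute is loaded."""
    return elem.get("load", "true").strip().lower() == "false"


def admin_realm_status(config_xml, gbean_name="geronimo-admin"):
    """Return 'active', 'disabled' or 'module-absent' for the shipped admin gbean."""
    root = ET.fromstring(config_xml)
    found = False
    for mod in root.iter():
        if local(mod.tag) != "module":
            continue
        if not mod.get("name", "").startswith(MODULE_PREFIX):
            continue
        found = True
        if is_off(mod):
            continue  # the whole module is switched off
        overrides = [g for g in mod
                     if local(g.tag) == "gbean" and g.get("name") == gbean_name]
        if not any(is_off(g) for g in overrides):
            return "active"  # the toy realm would still start
    return "disabled" if found else "module-absent"


if __name__ == "__main__":
    for label, doc in (("before", BEFORE), ("after", AFTER)):
        print(label, admin_realm_status(doc))
```

"module-absent" is the result to expect when the module entry is not in config.xml at all, which still needs a manual look at what the server actually starts.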

