karaf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré ...@nanthrax.net>
Subject Re: LDAP authentication must role management in properties file
Date Thu, 22 Aug 2013 08:20:35 GMT
Hi,

yes, the same realm (let say Karaf) can use several login module. It's 
leverage JAAS.

You can do that directly with the jaas:* commands.

Or you can define both login modules in the same blueprint and define a 
rank for the login module:

     <jaas:config name="myrealm">
         <jaas:module 
className="org.apache.karaf.jaas.modules.properties.PropertiesLoginModule"
                      flags="required">
             users = $[karaf.base]/etc/users.properties
         </jaas:module>
	<jaas:module 
className="org.apache.karaf.jaas.modules.ldap.LdapLoginModule ...."/>
     </jaas:config>

You have more details here:
http://karaf.apache.org/manual/latest-2.3.x/developers-guide/security-framework.html

Regards
JB

On 08/22/2013 10:14 AM, Oliver Wulff wrote:
> Hi there
>
> I'm looking for a solution to use the LDAP Login Module only for
> authentication and another module (ex. PropertiesLoginModule) to manage
> the roles?
>
> Thanks
>
> Oli
>

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com

Mime
View raw message