Índice
| Índice |
|---|
| outline | true |
|---|
| style | none |
|---|
| exclude | .*ndice |
|---|
|
Objective
The objective of this guide is to present the valid configurations for authentication in multiple AD servers using the LDAP protocol (Lightweight Directory Access Protocol).
Authentication settings across multiple AD Servers with LDAP Protocol
To define these configurations, the file <INSTALL
...
_FLUIG>\jboss\configuration\standalone.xml
...
needs
...
to
...
be
...
modified,
...
according
...
to
...
the
...
steps below:
| Deck of Cards |
|---|
| effectDuration | 0.5 |
|---|
| id | samples |
|---|
| history | false |
|---|
| effectType | fade |
|---|
|
| Card |
|---|
| default | true |
|---|
| id | 1 |
|---|
| label | Passo1 |
|---|
| |
below:</p>
<p> </p>
<a name="composition-deck-samples"></a>
<div id="samples" class="deck" history="false" loopcards="false"
effecttype="fade" effectduration="0.5" nextafter="0.0">
<ul class="tab-navigation"></ul>
<!-- // .tab-navigation -->
<div class="deck-cards panel" style="">
<div id="1" class="deck-card active-pane" style="" cssclass=""
accesskey="" label="Passo1" title="" nextafter="0"
effecttype="default" effectduration="-1.0">
<p> </p>
<ul>
<li><p>Look for the snippet below:</p>
<div class="code panel pdl" style="border-width: 1px;">
<div class="codeContent panelContent pdl">
<pre class="theme: Confluence; brush: html/xml; gutter: false"
style="font-size: 12px;"><security-domain name="TOTVSTech" cache-type="default">
|
|
<authentication><login<login-module code="com.totvs.foundation.auth.FoundationDatabaseServerLoginModule" flag="required" module="com.totvs.foundation.auth">
|
|
<module<module-option name="hashAlgorithm" value="MD5"/>
|
|
<module<module-option name="hashEncoding" value="HEX"/>
|
|
<module<module-option name="principalClass" value="com.totvs.technology.foundation.common.TOTVSTechPrincipal"/>
|
|
<<</security-domain></pre>
</div>
</div></li>
</ul>
</div>
<div id="2" class="deck-card " style="" cssclass="" accesskey=""
label="Passo 2" title="" nextafter="0" effecttype="default"
effectduration="-1.0">
<p> </p>
<div>
<ul>
<li><p>
Replace the tags structure <em>login-module</em> for the
following structure:
</p>
<div class="code panel pdl" style="border-width: 1px;">
<div class="codeContent panelContent pdl">
<pre class="theme: Confluence; brush: html/xml; gutter: false"
style="font-size: 12px;"><login-<module<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
|
|
<module<module-option name="java.naming.provider.url" value="ldap:// |
|
<SERVIDOR<PORTA<module<module-option name="java.naming.security.authentication" value="simple"/>
|
|
<module<module-option name="java.naming.security.protocol" value=""/>
|
|
<module<module-option name="java.naming.security.principal" value=" |
|
<USUARIO1>@<DOMINIO<module<module-option name="java.naming.security.credentials" value=" |
|
<SENHA<module<module-option name="uidAttributeID" value="sAMAccountName"/>
|
|
<module<module-option name="baseFilter" value="(sAMAccountName={0})"/>
|
|
<module<module-option name="loginCombinedWithDatabase" value="false"/>
|
|
<module<module-option name="baseCtxDN" value="DC= |
|
<ESTRUTURA<module<module-option name="rolesCtxDN" value="DC= |
|
<ESTRUTURA<module<module-option name="hashAlgorithm" value="MD5"/>
|
|
<module<module-option name="hashEncoding" value="HEX"/>
|
|
<<login<login-module code="com.totvs.foundation.auth.FoundationExtLdapLoginModule" flag="sufficient" module="com.totvs.foundation.auth">
|
|
<module<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
|
|
<module<module-option name="java.naming.provider.url" value="ldap:// |
|
<SERVIDOR<PORTA<module<module-option name="java.naming.security.authentication" value="simple"/>
|
|
<module<module-option name="java.naming.security.protocol" value=""/>
|
|
<module<module-option name="java.naming.security.principal" value=" |
|
<USUARIO2>@<DOMINIO<module<module-option name="java.naming.security.credentials" value=" |
|
<SENHA><module<module-option name="uidAttributeID" value="sAMAccountName"/>
|
|
<module<module-option name="baseFilter" value="(sAMAccountName={0})"/>
|
|
<module<module-option name="loginCombinedWithDatabase" value="false"/>
|
|
<module<module-option name="baseCtxDN" value="DC= |
|
<ESTRUTURA<module<module-option name="rolesCtxDN" value="DC= |
|
<ESTRUTURA<module<module-option name="hashAlgorithm" value="MD5"/>
|
|
<module<module-option name="hashEncoding" value="HEX"/>
|
|
</login-module></pre>
</div>
</div></li>
</ul>
</div>
</div>
<div id="3" class="deck-card " style="" cssclass="" accesskey=""
label="Passo 3" title="" nextafter="0" effecttype="default"
effectduration="-1.0">
<p> </p>
<ul>
<li><p>
In case authentication through data of the data bank is also
required, the following tag structure <em>login-module</em> must
also be added:
</p>
<div class="code panel pdl" style="border-width: 1px;">
<div class="codeContent panelContent pdl">
<pre class="theme: Confluence; brush: html/xml; gutter: false"
style="font-size: 12px;"><login<module<module-option name="hashAlgorithm" value="MD5"/>
|
|
<module<module-option name="hashEncoding" value="HEX"/>
|
|
<module<module-option name="principalClass" value="com.totvs.technology.foundation.common.TOTVSTechPrincipal"/>
|
|
</login-module></pre>
</div>
</div></li>
</ul>
</div>
</div>
</div>
<!-- // .deck -->
<p> </p>
<p> </p>
</div>
|