Difference between revisions of "User talk:Martin.povolny.yuh"

From OpenKM Documentation
Jump to: navigation, search
(LDAP example 2)
(LDAP example 2)
Line 1: Line 1:
 
LDAP_and_Active_Directory_user_examples
 
LDAP_and_Active_Directory_user_examples
  
== LDAP example 2 ==
+
Our contribs:
  
'''LDAP Structure'''
+
* improvement of the Czech translation
<source lang="java">
+
* LDAP_and_Active_Directory_uniqueMember_user_examples
dn: cn=admins@solnet.cz,ou=Groups,dc=solnet,dc=cz,o=solnet
 
objectClass: posixGroup
 
objectClass: groupOfUniqueNames
 
cn: admins@solnet.cz
 
uniqueMember: uid=jack@solnet.cz,ou=People,dc=solnet,dc=cz,o=solnet
 
 
 
dn: cn=users@solnet.cz,ou=Groups,dc=solnet,dc=cz,o=solnet
 
objectClass: posixGroup
 
objectClass: groupOfUniqueNames
 
cn: users@solnet.cz
 
uniqueMember: uid=jack@solnet.cz,ou=People,dc=solnet,dc=cz,o=solnet
 
uniqueMember: uid=joe@solnet.cz,ou=People,dc=solnet,dc=cz,o=solnet
 
 
 
dn: uid=jack@solnet.cz,ou=People,dc=solnet,dc=cz,o=solnet
 
uid: jack@solnet.cz
 
displayName: Jack Davis
 
 
 
dn: uid=joe@solnet.cz,ou=People,dc=solnet,dc=cz,o=solnet
 
uid: joe@solnet.cz
 
displayName: Joe Davis
 
</source>
 
 
 
'''Configuration parameters'''
 
<source lang="java">
 
principal.adapter=com.openkm.principal.LdapPrincipalAdapter
 
principal.database.filter.inactive.users=true
 
// ldap
 
principal.adapter='com.openkm.principal.LdapPrincipalAdapter'
 
principal.ldap.server='ldap://localhost:389'
 
principal.ldap.security.principal='uid=admin,o=base'
 
principal.ldap.security.credentials='super-safe'
 
// user
 
principal.ldap.user.search.base='o=base'
 
principal.ldap.user.search.filter='(&(objectClass=posixAccount)(inetAuthorizedServices=openkm))'
 
principal.ldap.user.attribute='uid'
 
// user name
 
principal.ldap.username.search.base='o=base'
 
principal.ldap.username.search.filter='(&(objectclass=posixAccount)(inetAuthorizedServices=openkm)(uid={0}))'
 
principal.ldap.username.attribute='displayName'
 
// role
 
principal.ldap.role.search.base='o=base'
 
principal.ldap.role.search.filter='(objectClass=posixGroup)'
 
principal.ldap.role.attribute='cn'
 
// mail
 
principal.ldap.mail.search.base='o=base'
 
principal.ldap.mail.search.filter='(&(objectclass=inetMailUser)(uid={0}))'
 
principal.ldap.mail.attribute='mail'
 
// users by role
 
principal.ldap.users.by.role.search.base='o=base'
 
principal.ldap.users.by.role.search.filter='(&(objectClass=posixGroup)(cn={0}))'
 
principal.ldap.users.by.role.attribute='uniqueMember'
 
// roles by user
 
principal.ldap.roles.by.user.search.base='o=base'
 
principal.ldap.roles.by.user.search.filter='(&(objectClass=posixGroup)(uniqueMember={1}))'
 
principal.ldap.roles.by.user.attribute='mail'
 
// login
 
system.login.lowercase=true
 
default.user.role='UserRole'
 
default.admin.role='admins@solnet.cz'
 
 
 
</source>
 
 
 
'''login-config.xml'''
 
<source lang="xml">
 
<application-policy name="OpenKM">
 
  <authentication>
 
      <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
 
      <module-option name="java.naming.provider.url">ldap://127.0.0.1:389</module-option>
 
      <module-option name="bindDN">uid=admin,o=solnet</module-option>
 
      <module-option name="bindCredential">supper-safe</module-option>
 
      <module-option name="baseCtxDN">o=solnet</module-option>
 
      <module-option name="baseFilter">(uid={0})</module-option>
 
      <module-option name="java.naming.security.authentication">simple</module-option>
 
      <module-option name="java.naming.referral">follow</module-option>
 
      <module-option name="roleAttributeIsDN">false</module-option>
 
      <module-option name="matchOnUserDN">true</module-option>
 
      <module-option name="roleRecursion">-1</module-option>
 
      <module-option name="roleFilter">(&amp;(objectClass=solnetGroup)(uniqueMember={0}))</module-option>
 
      <module-option name="roleAttributeID">cn</module-option>
 
      <module-option name="rolesCtxDN">o=solnet</module-option>
 
      <module-option name="defaultRole">UserRole</module-option>
 
      <module-option name="searchScope">SUBTREE_SCOPE</module-option>
 
      <module-option name="allowEmptyPasswords">false</module-option>
 
      </login-module>
 
    </authentication>
 
</application-policy>
 
</source>
 

Revision as of 20:20, 6 April 2012

LDAP_and_Active_Directory_user_examples

Our contribs:

  • improvement of the Czech translation
  • LDAP_and_Active_Directory_uniqueMember_user_examples
Retrieved from "https://www.openkm.com/wiki/index.php?title=User_talk:Martin.povolny.yuh&oldid=6377"