Chapter 3. JOnAS Configuration
<dsrealm name="howto_datasource_realm1"
         dsName="jdbc_1"
         userTable="realm_users" userTableUsernameCol="user_name"
         userTablePasswordCol="user_pass"
         roleTable="realm_roles" roleTableUsernameCol="user_name"
         roleTableRolenameCol="role_name"
/>
[...]
</jonas-dsrealm>
3.5.8.2.3. Configuring an LDAP Resource in the jonas-realm.xml File
The user is added in the LDAP server. In this case, all the users are on the ou=people,dc=jonas,dc=objectweb,dc=org DN. For example, the unique name for the user jonas_user will be the DN uid=jonas_user,ou=people,dc=jonas,dc=objectweb,dc=org
The role jonas will be added on the ou=groups,dc=jonas,dc=objectweb,dc=org DN. In this case, the DN is cn=jaas,ou=groups,dc=jonas,dc=objectweb,dc=org
The user is added to the role by adding a field uniquemember to the role: uniquemember = uid=jonas,ou=people,dc=jonas,dc=objectweb,dc=org
LDIF format for the user:
# jonas_user, people, jonas, objectweb, org
dn: uid=jonas_user,ou=people,dc=jonas,dc=objectweb,dc=org
objectClass: inetOrgPerson
uid: jonas_user
sn: jonas_user
cn: JOnAS user
# Plain-text value, so a single colon (a double colon marks a base64-encoded value)
userPassword: jonas_password
LDIF format for the role:
# jonas, groups, jonas, objectweb, org
dn: cn=jonas,ou=groups,dc=jonas,dc=objectweb,dc=org
objectClass: groupOfUniqueNames
uniqueMember: uid=jonas_user,ou=people,dc=jonas,dc=objectweb,dc=org
cn: jonas
Now the jonas-realm.xml file can be customized by adding an LDAP resource.
There are two authentication methods:
• The bind method (default): In order to check the access rights, the resource attempts to log in to the LDAP server with the given username and password.
• The compare method: The resource retrieves the password of the user from the LDAP server and compares this password to the password given by the user.
Note
The compare method requires the admin roles in the configuration in order to read the user passwords.
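
The bind method described above, written with plain JNDI as an added example (not JOnAS's own realm code). It assumes a server at ldap://localhost:389 loaded with the LDIF entries shown earlier; the class name LdapBindCheck is hypothetical. It refuses empty passwords before binding and escapes the user name when building the DN.

```java
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.Rdn;

public class LdapBindCheck { // hypothetical class name
    // Assumed server URL (use ldaps:// in production so the password is not
    // sent in clear); the DNs are the ones used in the LDIF above.
    static final String URL = "ldap://localhost:389";
    static final String PEOPLE = "ou=people,dc=jonas,dc=objectweb,dc=org";
    static final String GROUPS = "ou=groups,dc=jonas,dc=objectweb,dc=org";

    /** Returns the user's roles if the bind succeeds, or null if it is refused. */
    static List<String> authenticate(String user, char[] password) throws NamingException {
        // A simple bind with an empty password is an unauthenticated bind that
        // many servers accept, so it must never count as a successful login.
        if (user == null || user.isEmpty() || password == null || password.length == 0) return null;
        // Escape the user-supplied value so it cannot change the DN structure.
        String userDn = "uid=" + Rdn.escapeValue(user) + "," + PEOPLE;
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        DirContext ctx;
        try {
            ctx = new InitialDirContext(env);   // the bind happens here
        } catch (AuthenticationException e) {
            return null;                        // wrong password or unknown user
        }
        try {
            // Roles are the groupOfUniqueNames entries that list this DN as uniqueMember.
            // Assumes the bound user is allowed to read the groups subtree.
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.ONELEVEL_SCOPE);
            sc.setReturningAttributes(new String[] {"cn"});
            NamingEnumeration<SearchResult> res = ctx.search(GROUPS,
                "(&(objectClass=groupOfUniqueNames)(uniqueMember={0}))", new Object[] {userDn}, sc);
            List<String> roles = new ArrayList<>();
            while (res.hasMore()) roles.add((String) res.next().getAttributes().get("cn").get());
            return roles;
        } finally {
            ctx.close();
        }
    }
}
```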