worklight server authentication with Ldap


Problem description

I want to authenticate users using ApacheDS LDAP and then integrate it with my Worklight server (Liberty profile). For that I modified server.xml with the following code after the HTTP endpoint element.

   <ldapRegistry id="ldap" >
   realm="LdapRegistry" 
   host="localhost" 
  port="10389" 
  ignoreCase="true"
  baseDN="dc=partition1,dc=com"
  bindDN="uid=admin,ou=system"
  userFilter="(&(uid=%v)(objectclass=inetOrgPerson))"
  bindPassword="secret"
  ldapType="ApacheDS 2.0.0"
  </ldapRegistry>

<securityTests>
    <customSecurityTest name="LDAPSecurityTest">
        <test isInternalUserID="true" realm="LDAPRealm"/>
    </customSecurityTest>

    <customSecurityTest name="LDAPSecurityTestForWLConsole">
        <test isInternalUserID="true" realm="WorklightConsole"/>
    </customSecurityTest>
</securityTests>

<realms>
    <realm loginModule="LDAPLoginModule" name="LDAPRealm">
          <className>com.worklight.UsernamePasswordJSONAuthenticator</className>
    </realm>

    <realm loginModule="StrongDummy" name="SampleAppRealm">
        <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
    </realm>

    <realm loginModule="LDAPLoginModule" name="WorklightConsole">
        <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className>
        <onLoginUrl>/console</onLoginUrl>
    </realm>
</realms>

<loginModules>
    <loginModule name="LDAPLoginModule">
        <className>com.worklight.LDAPLoginModule</className>
        <parameter name="ldapHost" value="ldap://localhost:10389"/>
        <parameter name="ldapDomain" value="localhost:10389"/>
        <parameter name="searchBase" value="dc=partition1,dc=com"/>

        <!-- 
            In case credentials are successfully validated check user's memberOf property for this string.
            Can be used to check whether user belongs to specific LDAP unit or group.
            Leave value empty to skip this check.
          -->


    </loginModule>

    <loginModule name="StrongDummy">
         <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className>
    </loginModule>

    <loginModule name="requireLogin">
<className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className>
    </loginModule>
</loginModules>
  </tns:loginConfiguration>

The Worklight server console stops working. Following LDAP login module from IBM site and support centre for configuring the Liberty profile. Kindly help.

Recommended answer

First point: I think that the LDAP type "ApacheDS 2.0.0" is not correct.
The supported types are:


  1. Microsoft Active Directory
  2. Custom
  3. IBM Lotus Domino Novell eDirectory
  4. IBM Tivoli Directory Server
  5. Sun Java System Directory Server
  6. Netscape Directory Server
  7. IBM SecureWay Directory Server

So surely Custom has to be used.

Second point: you have to add userIdMap="*:uid".
So try with:

 <!-- All settings are attributes of the opening tag; '&' in userFilter is escaped as '&amp;' -->
 <ldapRegistry id="ldap"
  realm="LdapRegistry"
  host="localhost"
  port="10389"
  ignoreCase="true"
  baseDN="dc=partition1,dc=com"
  bindDN="uid=admin,ou=system"
  userFilter="(&amp;(uid=%v)(objectclass=inetOrgPerson))"
  userIdMap="*:uid"
  bindPassword="secret"
  ldapType="Custom">
 </ldapRegistry>
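
A quick way to check a server.xml for the problems discussed above before restarting the server, as an added example that is not part of the original question or answer. The function name, the required-attribute list and the sample strings are assumptions of this example; the ldapType values come from the answer's list, with its item 3 split into two products.

```python
import xml.etree.ElementTree as ET

# ldapType values from the answer's list (item 3 split into two entries:
# an assumption of this example).
SUPPORTED_LDAP_TYPES = {
    "Microsoft Active Directory", "Custom", "IBM Lotus Domino",
    "Novell eDirectory", "IBM Tivoli Directory Server",
    "Sun Java System Directory Server", "Netscape Directory Server",
    "IBM SecureWay Directory Server",
}
REQUIRED = ("host", "port", "baseDN", "ldapType")  # assumed minimum set

def lint_ldap_registry(server_xml: str) -> list[str]:
    """Return findings for every <ldapRegistry> in a server.xml string."""
    try:
        root = ET.fromstring(server_xml)
    except ET.ParseError as exc:
        # Typical cause: a raw '&' in userFilter instead of '&amp;'.
        return [f"not well-formed XML: {exc}"]
    findings = []
    registries = list(root.iter("ldapRegistry"))
    if not registries:
        findings.append("no <ldapRegistry> element found")
    for reg in registries:
        rid = reg.get("id", "?")
        if (reg.text or "").strip():
            findings.append(f"{rid}: settings appear as element text; "
                            "the opening tag was closed before the attributes")
        for name in REQUIRED:
            if name not in reg.attrib:
                findings.append(f"{rid}: missing attribute {name}")
        ldap_type = reg.get("ldapType")
        if ldap_type is not None and ldap_type not in SUPPORTED_LDAP_TYPES:
            findings.append(f"{rid}: unsupported ldapType {ldap_type!r}")
        if ldap_type == "Custom" and "userIdMap" not in reg.attrib:
            findings.append(f"{rid}: ldapType Custom without userIdMap")
    return findings

# Constructed samples modelled on the snippets above, wrapped in a <server> root.
QUESTION_STYLE = '''<server><ldapRegistry id="ldap" >
  host="localhost" port="10389" ldapType="ApacheDS 2.0.0"
</ldapRegistry></server>'''
CORRECTED = '''<server><ldapRegistry id="ldap" host="localhost" port="10389"
  baseDN="dc=partition1,dc=com" userIdMap="*:uid" ldapType="Custom"
  userFilter="(&amp;(uid=%v)(objectclass=inetOrgPerson))"/></server>'''

if __name__ == "__main__":
    for label, doc in (("question", QUESTION_STYLE), ("corrected", CORRECTED)):
        print(label, lint_ldap_registry(doc) or "OK")
```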
