2.4.2. Setting up Role Mapping with an LDAP Server
org.jboss.security.negotiation.AdvancedLdapLoginModule (refer to Example 2.2, “Application Security Domain”).
- Define InitialLdapContext properties: these properties are used to obtain the LDAP connection (refer to the section “Defining Initial LDAP Context with GSSAPI”; for details on the Java API refer to http://download.oracle.com/javase/6/docs/api/javax/naming/ldap/InitialLdapContext.html).
- Define DN (Distinguished Name) properties: these properties are used to search for the authenticated user on the LDAP server (refer to the section “Defining DN Search”).
- Define role search properties: these properties govern the role search on the LDAP server (refer to the section “Defining Role Search”).
Defining Initial LDAP Context with GSSAPI
- defines the authentication type (set the property value to GSSAPI to use GSSAPI-based authentication).
- defines the security domain that is used to obtain the subject required for the connection (refer to Section 2.2, “Defining Server Security Domain” for information on defining the required jaasSecurityDomain).
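
The following login-module entry is an added illustration, not configuration taken from this page, showing how the three property groups (initial LDAP context, DN search, role search) sit together in one AdvancedLdapLoginModule definition. The option names are the module's own; the security domain name `host`, the LDAP URL, the DNs and the attribute choices are constructed placeholders to be replaced with values from your directory.

```xml
<!-- Added example; host names, DNs and attribute choices are constructed placeholders. -->
<login-module code="org.jboss.security.negotiation.AdvancedLdapLoginModule"
              flag="required">
  <!-- Reuse the identity established by the preceding login module
       instead of prompting for credentials again. -->
  <module-option name="password-stacking">useFirstPass</module-option>

  <!-- Initial LDAP context: bind with GSSAPI, taking the subject from the
       server security domain (assumed here to be named "host"). -->
  <module-option name="bindAuthentication">GSSAPI</module-option>
  <module-option name="jaasSecurityDomain">host</module-option>
  <module-option name="java.naming.provider.url">ldap://ldap.example.com:389</module-option>

  <!-- DN search: locate the authenticated user's entry.
       {0} is replaced with the authenticated user name. -->
  <module-option name="baseCtxDN">CN=Users,DC=example,DC=com</module-option>
  <module-option name="baseFilter">(userPrincipalName={0})</module-option>

  <!-- Role search: read group DNs from the user's entry, resolve each
       group's name, and follow nested group membership. -->
  <module-option name="roleAttributeID">memberOf</module-option>
  <module-option name="roleAttributeIsDN">true</module-option>
  <module-option name="roleNameAttributeID">cn</module-option>
  <module-option name="recurseRoles">true</module-option>
</login-module>
```

Keep baseCtxDN as narrow as the directory layout allows, so that the user search, and therefore the roles that can be mapped, is limited to the intended subtree.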