V B Kumar Jayanti wrote:
> Kenneth Clark wrote:
>
>> Hi, I found how to do it. The only thing I am struggling with now is
>> that the user is not being assigned any groups. I have set the
>> group-base-dn and enable default to principal mapping but it ain’t
>> working.
>>
> group-memberships can be configured in LDAP and group memberships can
> also be configured as assign-groups. In your LDAP Realm in
> domain.xml add the assign-groups property. If you are looking for
> setting the assign-groups property then as an example , here is what i
> have in my domain.xml
>
> <auth-realm
> classname="com.sun.enterprise.security.auth.realm.ldap.LDAPRealm"
> name="OpenDS">
> <property name="directory" value="ldap://localhost:389"/>
> <property name="assign-groups" value="ou=Groups,dc=sun,dc=com"/>
> <property name="assign-groups" value="LDAPAuthorizedGroup"/>
> <property name="base-dn" value="dc=sun,dc=com"/>
> <property name="jaas-context" value="ldapRealm"/>
> </auth-realm>
>
> see the assign-groups property above.
There are two of them, one needs to be commented. I inadvertently
uncommented the second one before sending the mail.
>
>>
>>
>> ________________
>>
>> Thanks and regards
>>
>>
>>
>> *Kenneth Clark*
>>
>> Solutions Engineer
>>
>>
>>
>> ShadowLogo.png
>>
>> *Tel:** *27 (0) 11 679 3075
>>
>> *Fax: *27 (0) 86 647 4819
>>
>> *Mobile:** *27 (0) 84 583 1348
>>
>> *Email:** *_kenneth.clark_at_skyetech.co.za
>> <mailto:kenneth.clark_at_skyetech.co.za>_
>>
>> *Website:** *http://www.skyetech.co.za**
>>
>>
>>
>> *From:* Kenneth Clark [mailto:kenneth.clark_at_skyetech.co.za]
>> *Sent:* 22 January 2008 00:06
>> *To:* users_at_glassfish.dev.java.net
>> *Subject:* Multiple LDAP authentication realms
>>
>>
>>
>> Is it possible to set up multiple authentication realms running off
>> one ldap server?
>>
>>
>>
>> ________________
>>
>> Thanks and regards
>>
>>
>>
>> *Kenneth Clark*
>>
>> Solutions Engineer
>>
>>
>>
>> ShadowLogo.png
>>
>> *Tel:** *27 (0) 11 679 3075
>>
>> *Fax: *27 (0) 86 647 4819
>>
>> *Mobile:** *27 (0) 84 583 1348
>>
>> *Email:** *_kenneth.clark_at_skyetech.co.za
>> <mailto:kenneth.clark_at_skyetech.co.za>_
>>
>> *Website:** *http://www.skyetech.co.za**
>>
>>
>>
>>
>>
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.5.516 / Virus Database: 269.19.7/1234 - Release Date:
>> 2008/01/20 14:15
>>
>>
>>
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.516 / Virus Database: 269.19.7/1234 - Release Date:
>> 2008/01/20 14:15
>>
>>
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.5.516 / Virus Database: 269.19.7/1234 - Release Date:
>> 2008/01/20 14:15
>>
>