Page History

Versions Compared

Old Version 2

changes.mady.by.user Yohan Colmant

Saved on

compared with

New Version Current

changes.mady.by.user Yohan Colmant

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Avec les modifs données ci-dessous, on est censé pouvoir

  • utiliser AD pour s'authentifier via le couple sAMAccountName / password
  • utiliser AD pour récupérer les attributs d'un utilisateur et ses groupes

main-config.properties :

ldap.managerDn = le sAMAccountName d'un "admin" dans l'AD
ldap.managerPassword = son password

acegi-authentication-ldap.xml

  • On décommente l'usage de ldap.managerDn et ldap.managerPassword
  • On ajoute un bloc extraEnvVars, cf diff ci-dessous
Code Block
Index: /opt/ori-oai/ori-oai-src/ori-oai-workflow-svn/conf/properties/spring/acegi/acegi-authentication-ldap.xml
===================================================================
--- /opt/ori-oai/ori-oai-src/ori-oai-workflow-svn/conf/properties/spring/acegi/acegi-authentication-ldap.xml	(revision 1694)
+++ /opt/ori-oai/ori-oai-src/ori-oai-workflow-svn/conf/properties/spring/acegi/acegi-authentication-ldap.xml	(working copy)
@@ -9,14 +9,23 @@
 		class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
 		<constructor-arg
 			value="${ldap.providerUrl}" />
-		<!-- uncomment it if you want to connect vith username/password (see main-cinfig.properties)
+		<!-- uncomment it if you want to connect vith username/password (see main-cinfig.properties) -->
 		<property name="managerDn">
 			<value>${ldap.managerDn}</value>
 		</property>
 		<property name="managerPassword">
 			<value>${ldap.managerPassword}</value>
 		</property>
-		-->
+		  <property name="extraEnvVars">
+		    <map>
+		      <entry>
+			<key>
+			  <value>java.naming.referral</value>
+			</key>
+			<value>follow</value>
+		      </entry>
+		    </map>
+		</property>
 	</bean>

</beans>

...