
Re: [xmlblaster] Forcing all clients to authenticate via ldap?



Brad Clements wrote:

Hi Brad,

you need to uncomment all Security lines besides the ldap plugin:

http://www.xmlBlaster.org/xmlBlaster/doc/requirements/security.htpasswd.html
#Security.Server.Plugin[simple][1.0]=org.xmlBlaster.authentication.plugins.simple.Manager
#Security.Server.Plugin[gui][1.0]=org.xmlBlaster.authentication.plugins.demo.Manager
Security.Server.Plugin[ldap][1.0]=org.xmlBlaster.authentication.plugins.ldap.Manager
#Security.Server.Plugin[htpasswd][1.0]=org.xmlBlaster.authentication.plugins.htpasswd.Manager

and make sure you comment out the following line too:
# NONE switches off security checks in passwd file:
#Security.Server.Plugin.htpasswd.secretfile=NONE

This fulfills req. 2 and 1.

Regards
Michele

> Hi,
> 
> 
> I mentioned this topic a few months back but haven't had time to follow up until 
> now.
> 
> I need to start having remote locations connect to xmlblaster via tcp/ssl protocol, 
> but I want every client to be forced to authenticate.
> 
> I am using release 1.3
> 
> The last time I tried this setting up authentication, it was possible to send and 
> receive messages without the client specifying any securityService. 
> 
> What I need is:
> 
> 1. all connects must have securityService specified (currently it's possible to 
> connect w/o specifying SecurityService and so you get some kind of 'guest' 
> access which I could not disable)
> 
> 2. only a valid ldap account can authenticate 
> 
> Is there any way in the current release to accomplish these two requirements? I 
> see that #2 should work, but I wasn't able to get xmlBlaster to talk to my ldap 
> server. 
> 
> My clients still connected ok, because I could not figure out how to meet 
> requirement #1 (ldap required).
> 
> 
> --
> 
> 
> Also, I need to setup clustering in the future, and I would like remote xmlBlaster 
> instances to also be required to authenticate via ldap. Will that be possible?
> 
> Thanks
> 
> 
> 
>
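
Added example (not part of the original posts and not xmlBlaster project code): a small check that a properties file is in the state shown in the reply above, with only the ldap plugin line active and the htpasswd secretfile=NONE line not active. The function names and both sample inputs are constructed for illustration; the property keys and class names are the ones quoted in the reply.

```python
import re

# Matches e.g. Security.Server.Plugin[ldap][1.0]=org.xmlBlaster...Manager
PLUGIN_RE = re.compile(r"^Security\.Server\.Plugin\[([^\]]+)\]\[[^\]]+\]\s*[=:]\s*(\S+)")
SECRETFILE_KEY = "Security.Server.Plugin.htpasswd.secretfile"

# Constructed sample: the lines exactly as they appear in the reply.
AS_IN_REPLY = """\
#Security.Server.Plugin[simple][1.0]=org.xmlBlaster.authentication.plugins.simple.Manager
#Security.Server.Plugin[gui][1.0]=org.xmlBlaster.authentication.plugins.demo.Manager
Security.Server.Plugin[ldap][1.0]=org.xmlBlaster.authentication.plugins.ldap.Manager
#Security.Server.Plugin[htpasswd][1.0]=org.xmlBlaster.authentication.plugins.htpasswd.Manager
#Security.Server.Plugin.htpasswd.secretfile=NONE
"""

# Constructed sample: other plugins and the NONE setting left active.
LOOSE = """\
Security.Server.Plugin[simple][1.0]=org.xmlBlaster.authentication.plugins.simple.Manager
Security.Server.Plugin[ldap][1.0]=org.xmlBlaster.authentication.plugins.ldap.Manager
Security.Server.Plugin[htpasswd][1.0]=org.xmlBlaster.authentication.plugins.htpasswd.Manager
Security.Server.Plugin.htpasswd.secretfile=NONE
"""

def active_lines(text):
    """Yield property lines that are neither blank nor commented out (# or !)."""
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith(("#", "!")):
            yield line

def audit(text, required="ldap"):
    """Return findings; an empty list means only the required plugin is active."""
    findings, plugins = [], {}
    for line in active_lines(text):
        m = PLUGIN_RE.match(line)
        if m:
            plugins[m.group(1)] = m.group(2)
            continue
        key, _, value = line.partition("=")
        if key.strip() == SECRETFILE_KEY and value.strip() == "NONE":
            findings.append("htpasswd secretfile=NONE is active")
    if required not in plugins:
        findings.append(f"{required} plugin is not active")
    for name in sorted(n for n in plugins if n != required):
        findings.append(f"extra plugin active: {name} -> {plugins[name]}")
    return findings

if __name__ == "__main__":
    print(audit(AS_IN_REPLY), audit(LOOSE), sep="\n")
```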