Versions Compared

Version Old Version 7 New Version 8
Changes made by

Former user

Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
title${jboss.home}/server/${server}/conf/login-config.xml
diff -cBr login-config.xml.orig login-config.xml
*** login-config.xml.orig	2011-04-28 10:59:03.466393001 -0400
--- login-config.xml	2011-04-28 10:54:50.326393001 -0400
***************
*** 123,132 ****
      allow such users to be authenticated add the property, e.g.,
      unauthenticatedIdentity="nobody"
      -->
!     <authentication>
!       <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
!         flag="required"/>
!     </authentication>
    </application-policy>

  </policy>
--- 124,152 ----
      allow such users to be authenticated add the property, e.g.,
      unauthenticatedIdentity="nobody"
      -->
! 		<authentication>
!
!                        <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="sufficient">
!                                 <module-option name="java.naming.provider.url">ldaps://ad.its.yale.edu:636/</module-option>
!                                 <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
!                                 <module-option name="java.naming.security.protocol">ssl</module-option>
!                                 <module-option name="bindDN">${user.dn}</module-option>
!                                 <module-option name="bindCredential">${user.pwd}</module-option>
!<application-policy name="other">
    <!-- A simple server login module, which can be used when the number
    of users is relatively small. It uses two properties files:
    users.properties, which holds users (key) and their password (value).
    roles.properties, which holds users (key) and a comma-separated list of
    their roles (value).
    The unauthenticatedIdentity property defines the name of the principal
    that will be used when a null username and password are presented as is
    the case for an unuathenticated web client or MDB. If you want to
    allow such users to be authenticated add the property, e.g.,
    unauthenticatedIdentity="nobody"
    -->
                         <authentication>

     <module-option name="baseCtxDN">DC=yu,DC=yale,DC=edu</module-option> !                                 <module-option name="baseFilter">(cn={0})</module-option>
!                                 <module-option name="defaultRole">hudson</module-option>
!                                 <module-option name="roleFilter">(1=2)</module-option>
! <login-module code="org.jasig.cas.client.jboss.jaas.CasAuthenticatorLoginModule" flag="required">
                                <module-option name="rolesCtxDN">DC=yu,DC=yale,DC=edu</module-option>
!                                 <module-option name="password-stacking">useFirstPass<default-role">app-user</module-option>
!                        </login-module>

!  ! 			<login-module code="org.jasig.cas.client.jboss.jaas.CasAuthenticatorLoginModule" flag="sufficient"> ! 				<module-option name="default-role">hudson</module-option> ! 				<module-option name="password-stacking">useFirstPass</module-option> ! 			</login-module> ! ! 		</authentication>
!
    </application-policy>

 
</policy>

4. Add cas-config-service.xml

Code Block
title${jboss.home}/server/${server}/deploy/cas-config-service.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE server PUBLIC "-//JBoss//DTD MBean Service 4.0//EN"
          "http://www.jboss.org/j2ee/dtd/jboss-service_4_0.dtd">
<server>

   <mbean code="org.jboss.naming.JNDIBindingServiceMgr"
         name="org.jasig:service=CasConfig">

      <attribute name="BindingsConfig" serialDataType="jbxb">

         <jndi:bindings
            xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
            xmlns:jndi="urn:jboss:jndi-binding-service:1.0"
            xs:schemaLocation="urn:jboss:jndi-binding-service:1.0 resource:jndi-binding-service_1_0.xsd">

            <jndi:binding name="jasig/cas/config">
               <java:properties xmlns:java="urn:jboss:java-properties"
                  xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
                  xs:schemaLocation="urn:jboss:java-properties resource:java-properties_1_0.xsd">

                  <!-- Properties -->
                  <java:property>
                     <java:key>loginUrl</java:key>
                     <java:value>https://secure.its.yale.edu/cas/login</java:value>
                  </java:property>
                  <java:property>
                     <java:key>casServerUrl</java:key>
                     <java:value>https://secure.its.yale.edu/cas</java:value>
                  </java:property>
                  <java:property>
                     <java:key>basicAuthPaths</java:key>
                     <java:value>.*/api/xml</java:value>
                  </java:property>
                  <java:property>
                     <java:key>basicAuthRealm</java:key>
                     <java:value>Hudson Xml Api</java:value>
                  </java:property>

               </java:properties>
            </jndi:binding>

         </jndi:bindings>
      </attribute>
      <depends>jboss:service=Naming</depends>
   </mbean>

   <mbean code="org.jasig.cas.client.jboss.mbeans.CasContextConfig"
          name="org.jasig:service=CasContextMBean">
      <depends>jboss:service=Naming</depends>
      <depends>org.jasig:service=CasConfig</depends>
   </mbean>

</server>