Árvore de páginas

Você está vendo a versão antiga da página. Ver a versão atual.

Comparar com o atual Ver Histórico da Página

« Anterior Versão 2 Atual »

Valid configurations for authentication in AD using the LDAP Protocol (Lightweight Directory Access Protocol).

 

To this end, you need to change the file: <INSTALL_FLUIG>\jboss\configuration\standalone.xml.

 

Look for the following string:

<security-domain name="TOTVSTech" cache-type="default">
 <authentication>
 <login-module code="com.totvs.foundation.auth.FoundationDatabaseServerLoginModule" flag="required" module="com.totvs.foundation.auth">
 <module-option name="hashAlgorithm" value="MD5"/>
 <module-option name="hashEncoding" value="HEX"/>
 <module-option name="principalClass" value="com.totvs.technology.foundation.common.TOTVSTechPrincipal"/>
 </login-module>
 </authentication>
</security-domain>

 

If you use the direct validation form, without the need for credential, replace it for the following string:

<security-domain name="TOTVSTech" cache-type="default">
 <authentication>
  <login-module code="com.totvs.foundation.auth.FoundationLdapLoginModule" flag="required" module="com.totvs.foundation.auth">
    <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
    <module-option name="java.naming.provider.url" value="ldap://<SERVIDOR>:<PORTA>/"/>
    <module-option name="java.naming.security.authentication" value="simple"/>
    <module-option name="java.naming.security.protocol" value=""/>
    <module-option name="uidAttributeID" value="sAMAccountName"/>
    <module-option name="principalDNSuffix" value="@<DOMINIO>"/>
    <module-option name="rolesCtxDN" value="DC=local"/>
    <module-option name="loginCombinedWithDatabase" value="false"/>
    <module-option name="hashAlgorithm" value="MD5"/>
    <module-option name="hashEncoding" value="HEX"/>
   </login-module>
 </authentication>
</security-domain>

Tip: If you choose to use a "combined" login, i.e. login/network AND database password, change the value of the loginCombinedWithDatabase property to "true".



If you use LDAP with the need for credential, replace it with the following string:

<security-domain name="TOTVSTech" cache-type="default">
<authentication>
<login-module code="com.totvs.foundation.auth.FoundationExtLdapLoginModule" flag="required" module="com.totvs.foundation.auth">
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
        <module-option name="java.naming.provider.url" value="ldap://<SERVIDOR>:<PORTA>/"/> 
        <module-option name="java.naming.security.authentication" value="simple"/> 
        <module-option name="java.naming.security.protocol" value=""/> 
        <module-option name="java.naming.security.principal" value="<USUARIO>@<DOMINIO>"/> 
        <module-option name="java.naming.security.credentials" value="<SENHA>"/> 
        <module-option name="uidAttributeID" value="sAMAccountName"/> 
        <module-option name="baseFilter" value="(sAMAccountName={0})"/> 
        <module-option name="loginCombinedWithDatabase" value="false"/> 
        <module-option name="baseCtxDN" value="DC=<ESTRUTURA>"/> 
        <module-option name="rolesCtxDN" value="DC=<ESTRUTURA>"/> 
        <module-option name="hashAlgorithm" value="MD5"/> 
        <module-option name="hashEncoding" value="HEX"/> 
        </login-module> 
   </authentication> 
</security-domain>

Tip: If you choose to use a "combined" login, i.e. login/network AND database password, change the value of the loginCombinedWithDatabase property to "true".



  • Sem rótulos