<application-policy name="MySec">
<authentication>
<login-module code="fr.security.tomcat.MyAuthentificator" flag="sufficient">
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="principalClass">fr.security.tomcat.MyPrincipal</module-option>
<module-option name="securityDomain">java:/jaas/MySec</module-option>
<module-option name="principalClassName">fr.security.tomcat.MyPrincipal</module-option>
</login-module>
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient" >
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.provider.url">ldap://xxx:389</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="principalDNPrefix">cn=</module-option>
<module-option name="principalDNSuffix">,o=utilisateur pilote,dc=xx,dc=com</module-option>
<module-option name="rolesCtxDN">o=role,dc=xx,dc=com</module-option>
<module-option name="uidAttributeID">member</module-option>
<module-option name="matchOnUserDN">true</module-option>
<module-option name="roleAttributeID">cn</module-option>
<module-option name="roleAttributeIsDN">false</module-option>
<module-option name="searchTimeLimit">5000</module-option>
<module-option name="searchScope">SUBTREE_SCOPE</module-option>
</login-module>
</authentication>
</application-policy>
Partager