My preliminary testing with OpenDS has been a success. I was able to secure a jmx-console using the LdapLoginModule with the example1.ldif in
http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapExtLoginModule
Since the configuration of OpenDS is based on scripts that internally call Java classes, it should be easy to integrate it into the HEAD testsuite.
My prelim testing details:
====================================================================
C:\cygwin\home\asaldhana\opends\OpenDS-0.1-build007\bin>start-ds
[12/Sep/2006:12:57:14 -0500] category=CORE severity=NOTICE id=458886 msg="OpenDS Directory Server 0.1-build007 starting up."
[12/Sep/2006:12:57:15 -0500] category=BACKEND severity=NOTICE id=8847402 msg="A database backend containing 1 entries has started."
[12/Sep/2006:12:57:16 -0500] category=CONFIG severity=SEVERE_WARNING id=3277325 msg="Access control has been disabled."
[12/Sep/2006:12:57:17 -0500] category=CORE severity=NOTICE id=458887 msg="The Directory Server has started successfully."
[12/Sep/2006:12:57:17 -0500] category=CORE severity=NOTICE id=458891 msg="The Directory Server has sent an alert notification generated by class org.opends.server.core.DirectoryServer (alert type org.opends.server.DirectoryServerStarted, alert ID 458887): The Directory Server has started successfully.."
====================================================================
C:\cygwin\home\asaldhana\opends\OpenDS-0.1-build007\bin>ldapmodify -h localhost -D "cn=Directory Manager" -w password -a -f a.ldif
Processing ADD request for dc=jboss,dc=org.
ADD operation successful for DN dc=jboss,dc=org.
Processing ADD request for ou=People,dc=jboss,dc=org.
ADD operation successful for DN ou=People,dc=jboss,dc=org.
Processing ADD request for uid=jduke,ou=People,dc=jboss,dc=org.
ADD operation successful for DN uid=jduke,ou=People,dc=jboss,dc=org.
Processing ADD request for ou=Roles,dc=jboss,dc=org.
ADD operation successful for DN ou=Roles,dc=jboss,dc=org.
Processing ADD request for cn=Echo,ou=Roles,dc=jboss,dc=org.
ADD operation successful for DN cn=Echo,ou=Roles,dc=jboss,dc=org.
Processing ADD request for cn=TheDuke,ou=Roles,dc=jboss,dc=org.
ADD operation successful for DN cn=TheDuke,ou=Roles,dc=jboss,dc=org.
====================================================================
C:\cygwin\home\asaldhana\opends\OpenDS-0.1-build007\bin>ldapsearch -h localhost -b "dc=jboss,dc=org" -s sub "objectclass=*"
dn: dc=jboss,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: JBoss
dc: jboss

dn: ou=People,dc=jboss,dc=org
objectClass: top
objectClass: organizationalUnit
ou: People

dn: uid=jduke,ou=People,dc=jboss,dc=org
objectClass: top
objectClass: person
objectClass: uidObject
userPassword: XM3FqJX2rfY5Cnzd1Q77gBIsSaiS/MWFfg2LPw==
cn: Java Duke
sn: Duke
uid: jduke
=====================================================================================
The application policy:
<application-policy name = "jmx-console">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapLoginModule"
                  flag="required">
      <module-option name="java.naming.factory.initial">
        com.sun.jndi.ldap.LdapCtxFactory
      </module-option>
      <module-option name="java.naming.provider.url">
        ldap://localhost:389/
      </module-option>
      <module-option name="java.naming.security.authentication">
        simple
      </module-option>
      <module-option name="principalDNPrefix">uid=</module-option>
      <module-option name="principalDNSuffix">,ou=People,dc=jboss,dc=org</module-option>
      <module-option name="rolesCtxDN">ou=Roles,dc=jboss,dc=org</module-option>
      <module-option name="uidAttributeID">member</module-option>
      <module-option name="matchOnUserDN">true</module-option>
      <module-option name="roleAttributeID">cn</module-option>
      <module-option name="roleAttributeIsDN">false</module-option>
      <module-option name="searchTimeLimit">5000</module-option>
      <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
    </login-module>
  </authentication>
</application-policy>
Relates to:
- JBAS-5584 Move OpenDS related tests out of AS5 test suite (Closed)
- SECURITY-4 Evaluate OpenDS (Sun's OSS all-java Directory Server) (Closed)
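
A pre-flight check a testsuite could run around the setup recorded above, as an added example that is not part of the original comment and is not JBoss or OpenDS code: it reads the login-module options to flag a simple bind over plain ldap://, and parses the OpenDS startup log format to surface entries such as "Access control has been disabled." The function names are hypothetical, and treating any severity ending in WARNING or ERROR as a finding is an assumption based on the two severities visible in the transcript.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample: the policy above, cut down to the two options the check reads.
POLICY = """<application-policy name="jmx-console"><authentication>
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
<module-option name="java.naming.provider.url">
ldap://localhost:389/
</module-option>
<module-option name="java.naming.security.authentication">
simple
</module-option>
</login-module></authentication></application-policy>"""
# Two startup lines from the transcript, with the console line wrapping undone.
LOG = '''[12/Sep/2006:12:57:14 -0500] category=CORE severity=NOTICE id=458886 msg="OpenDS Directory Server 0.1-build007 starting up."
[12/Sep/2006:12:57:16 -0500] category=CONFIG severity=SEVERE_WARNING id=3277325 msg="Access control has been disabled."'''
LOG_RE = re.compile(r'^\[(?P<ts>[^\]]+)\] category=(?P<category>\S+) '
                    r'severity=(?P<severity>\S+) id=(?P<id>\d+) msg="(?P<msg>.*)"$')

def module_options(policy_xml):
    """Map option name -> value, trimming the newlines around multi-line values."""
    root = ET.fromstring(policy_xml)
    return {o.get("name"): (o.text or "").strip() for o in root.iter("module-option")}

def is_loopback(host):
    try:
        return host == "localhost" or ipaddress.ip_address(host).is_loopback
    except ValueError:  # a DNS name other than localhost
        return False

def audit_policy(policy_xml):
    """Flag a simple bind over plain ldap://, which sends the password unencrypted."""
    opts = module_options(policy_xml)
    url = urlparse(opts.get("java.naming.provider.url", ""))
    auth = opts.get("java.naming.security.authentication", "").lower()
    if url.scheme == "ldap" and auth == "simple":
        scope = "loopback only" if is_loopback(url.hostname or "") else "crosses the network"
        return [f"cleartext simple bind to {url.hostname}:{url.port or 389} ({scope})"]
    return []

def log_warnings(log_text):
    """Return (category, severity, msg) for entries whose severity is a warning or error."""
    matches = (LOG_RE.match(line) for line in log_text.splitlines())
    return [(m["category"], m["severity"], m["msg"]) for m in matches
            if m and m["severity"].endswith(("WARNING", "ERROR"))]
```
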