Forum Home » Fuse Distributions » Fuse ESB

Thread: Setting the LDAP role for Karaf

 
This question is not answered. Helpful answers available: 2. Correct answers available: 1.


Permlink Replies: 2 - Last Post: Mar 28, 2011 1:52 PM Last Post By: dhoyt
dhoyt

Posts: 32
Registered: 03/03/11
Setting the LDAP role for Karaf
Posted: Mar 25, 2011 3:11 PM
 
  Click to reply to this thread Reply
I have LDAP setup in my ServiceMix 4 environment using the ldap-module.xml file. The issue is that as long as a user on the LDAP server has a valid login, they can sign into karaf. What I would really like is to only allow login if the user is a member of the smxAdmin group (cn=smxAdmin,ou=roles,dc=example,dc=com). I looked at both the org.apache.karaf.shell.cfg and system.properties files, but I don't see a place to add the role I want to compare against. I'd like to use this with all Karaf logins (karaf, SSH, and Web Console).

Any idea how I can accomplish this?

tmielke

Posts: 178
Registered: 12/04/07
Re: Setting the LDAP role for Karaf
Posted: Mar 28, 2011 8:06 AM   in response to: dhoyt in response to: dhoyt
 
  Click to reply to this thread Reply
It is currently not possible to specify a different admin role name in ServiceMix 4.3.
ServiceMix 4.4 will use Karaf 2.2 and will then allow to specify the admin role name in etc/system.properties in the configuration variable
karaf.admin.role=admin

But again, this is currently not possible in ServiceMix 4.3.1. Right now the role name needs to be called "admin".

Also see ESB-1409
dhoyt

Posts: 32
Registered: 03/03/11
Re: Setting the LDAP role for Karaf
Posted: Mar 28, 2011 1:52 PM   in response to: tmielke in response to: tmielke
 
  Click to reply to this thread Reply
I added a new role named admin (cn=admin,ou=roles,dc=example,dc=com), and added a couple users to it. I tried again, and I can still get in with users who are members and users who are not members of that admin group. Any ideas why?

Also, any idea when 4.4 will be released?