I have LDAP set up in my ServiceMix 4 environment using the ldap-module.xml file. The issue is that as long as a user on the LDAP server has a valid login, they can sign in to Karaf. What I would really like is to only allow login if the user is a member of the smxAdmin group (cn=smxAdmin,ou=roles,dc=example,dc=com). I looked at both the org.apache.karaf.shell.cfg and system.properties files, but I don't see a place to add the role I want to compare against. I'd like to use this with all Karaf logins (karaf, SSH, and Web Console).
Any idea how I can accomplish this?
It is currently not possible to specify a different admin role name in ServiceMix 4.3.
ServiceMix 4.4 will use Karaf 2.2 and will then allow you to specify the admin role name in etc/system.properties in the configuration variable
But again, this is currently not possible in ServiceMix 4.3.1. Right now the role name needs to be called "admin".
I added a new role named admin (cn=admin,ou=roles,dc=example,dc=com), and added a couple of users to it. I tried again, and I can still get in with users who are members and users who are not members of that admin group. Any ideas why?