Manualshelf

User Guide

ManualsBrandsMacromedia ManualsOtherLIVE CYCLE 7.2
51525354555657585960
Adobe LiveCycle Manually Configuring JBoss
Installing and Configuring LiveCycle Security Products for JBoss Configuring JAAS authentication 57
For example, if your directory uses the schema attribute uid for the user login identification, you would
use the following XML for the search filter option:
<module-option name =
"searchfilterPrefix">(&amp;(objectClass=*)(uid=</module-option>
<module-option name = "searchfilterSuffix">))</module-option>
When a user logs in, LiveCycle Policy Server retrieves the user identification and uses it to build the search
filter. It then searches for the user record to use for authentication.
Tip: You need to escape special characters in your XML code.
The sample application element is named
UsernamePwd_Auth_Search, and resides in the
login-config.xml file in the [LiveCycle root]/product/conf directory. You can copy the element to the
login-config.xml file in the [appserver root]/conf directory.
Note: The Internet Engineering Task Force (IETF) Request for Comments (RFC) 2254 defines the syntax for
LDAP search filters. For information about search filters that is specific to the LDAP server, see the
documentation for the LDAP server.
For example application policies for Sun ONE and Active Directory, see
Example application policies” on
page 58.
The following table describes each property that can be configured.
Configurable option Description
user.provider.url The LDAP URL to your directory server (for example,
ldap://servername:port)
java.naming.security.authentication The LDAP authentication type.
searchUser Set to true to force a search for the user with the dynamically
constructed DN.
searchUsingAnonymousBind Specifies whether access to the directory is controlled by using
authentication:
true - No authentication is performed, and no user
information is needed to perform the search.
false - Authentication is performed. A user identification and
password are required to perform the search.
binduser The DN of the user record that can access the directory for
searching. This option has no value when
searchUsingAnonymousBind is
true.
bindpassword The password associated with the DN specified in the binduser
module option. This option has no value when
searchUsingAnonymousBind is
true.
basedn The base DN of your directory.
searchfilterprefix The portion of the search filter on the left of the user identification.
searchfiltersuffix
The portion of the search filter on the right of the user identification.