Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- CACHETYPE="" ## empty || cache-type=default
- FLAG="sufficient"
- SECURITY_DOMAIN_NAME="name"
- SECURITY_DOMAIN_LDAP_URL="ldap://ldap.example.com"
- SECURITY_DOMAIN_LDAP_USER="cn=admin,dc=example.com"
- SECURITY_DOMAIN_LDAP_PASSWORD="changethis"
- SECURITY_DOMAIN_LDAP_USERS_DN="ou=people,dc=example,dc=com"
- SECURITY_DOMAIN_LDAP_USER_LOGIN_ATTRIBUTE="(uid={0})"
- SECURITY_DOMAIN_LDAP_ROLES_DN="ou=groups,dc=example,dc=com"
- SECURITY_DOMAIN_LDAP_USERS_IN_ROLE_ATTRIBUTE="(member={1})"
- SECURITY_DOMAIN_LDAP_USER_ATTRIBUTE_IN_ROLE="cn"
- jboss-cli.sh --connect --command /profile=full-ha/subsystem=security/security-domain=$SECURITY_DOMAIN_NAME/:add($CACHETYPE)
- jboss-cli.sh --connect --command /profile=full-ha/subsystem=security/security-domain=$SECURITY_DOMAIN_NAME/authentication=classic:add(login-modules=[{"code"=>"LdapExtended", "flag"=>"$FLAG", "module-options"=>[("java.naming.provider.url" => "$SECURITY_DOMAIN_LDAP_URL"),("java.naming.factory.initial" => "com.sun.jndi.ldap.LdapCtxFactory"),("bindDN" => "$SECURITY_DOMAIN_LDAP_USER"),("bindCredential" => "$SECURITY_DOMAIN_LDAP_PASSWORD"),("baseCtxDN" => "$SECURITY_DOMAIN_LDAP_USERS_DN"),("baseFilter" => "$SECURITY_DOMAIN_LDAP_USER_LOGIN_ATTRIBUTE"),("rolesCtxDN" => "$SECURITY_DOMAIN_LDAP_ROLES_DN"),("roleFilter" => "$SECURITY_DOMAIN_LDAP_USERS_IN_ROLE_ATTRIBUTE"),("roleAttributeID" => "$SECURITY_DOMAIN_LDAP_USER_ATTRIBUTE_IN_ROLE"),("allowEmptyPasswords" => "SUBTREE_SCOPE")] }] )
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement