2 posts for '2010/02'

  1. 2010/02/28 Securing the jboss JMX console
  2. 2010/02/28 Jboss LDAP Integration
How to require a username and password to secure the JMX console. The same approach applies to every web login.

http://www.redhat.com/docs/manuals/jboss/jboss-eap-4.2/doc/Server_Configuration_Guide/Inspecting_the_Server___the_JMX_Console_Web_Application-Securing_the_JMX_Console.html

Posted by aboutnz
TAG Jboss, JMX
There is a good blog post on JBoss and OpenLDAP integration.

1) First, install the openldap server and the openldap client (needed for ldapsearch).

2) In the LDAP configuration file /etc/openldap/slapd.conf, change suffix and rootdn as follows:

         suffix          "dc=company,dc=com"
         rootdn          "cn=Manager,dc=company,dc=com"
3) Use slappasswd to generate a hash of the password and store it in /etc/openldap/slapd.conf.

4) Save the data from http://dsoft-tech.blogspot.com/2006/10/jboss-ldap-integration.html as an LDIF file and add it:

      ldapadd -f entries.ldif -x -D "cn=Manager,dc=company,dc=com" -w secret

5) After loading the LDIF file, try ldapsearch queries like the following:

ldapsearch -x -D "cn=Manager,dc=company,dc=com" -W


ldapsearch -x -b 'dc=company,dc=com' '(objectclass=*)'

ldapsearch -x -b 'dc=company,dc=com' uid="admin" | more


Errors in the LDIF at http://dsoft-tech.blogspot.com/2006/10/jboss-ldap-integration.html (corrected here):

dn: dc=company,dc=com
dc: company
objectClass: top
objectClass: dcObject
objectClass: domain

dn: ou=Roles,dc=company,dc=com
ou: Roles
objectClass: top
objectClass: organizationalUnit

dn: ou=People,dc=company,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

# corrected: was dc=conpany
dn: uid=demo,ou=People,dc=company,dc=com
uid: demo
objectclass: person
objectclass: inetOrgPerson
cn: demo
sn: demo

dn: uid=admin,ou=People,dc=company,dc=com
uid: admin
objectClass: person
objectClass: inetOrgPerson
cn: Admin
sn: admin

dn: cn=Administrator,ou=Roles,dc=company,dc=com
# corrected: was cn: Admin
cn: Administrator
objectClass: top
objectClass: groupOfNames
member: uid=admin,ou=People,dc=company,dc=com

dn: cn=Users,ou=Roles,dc=company,dc=com
cn: Users
objectClass: top
objectClass: groupOfNames
member: uid=demo,ou=People,dc=company,dc=com
member: uid=admin,ou=People,dc=company,dc=com
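
A pre-load check for the kind of LDIF slips corrected above, as an added example that is not part of the original post or the referenced blog. The sample input is constructed, `parse_ldif`, `norm` and `lint` are hypothetical helper names, and the parser assumes simple LDIF (no folded or base64 lines, no escaped commas in DNs).

```python
# Added example (not the original post's code): lint an LDIF before ldapadd.
SUFFIX = "dc=company,dc=com"  # suffix set in slapd.conf on this page

# Constructed sample: a misspelled suffix component and a cn that differs from the RDN.
BROKEN_LDIF = """\
dn: uid=demo,ou=People,dc=conpany,dc=com
uid: demo
objectClass: inetOrgPerson
cn: demo
sn: demo

dn: cn=Administrator,ou=Roles,dc=company,dc=com
cn: Admin
objectClass: groupOfNames
member: uid=admin,ou=People,dc=company,dc=com
"""

def parse_ldif(text):
    """Parse simple LDIF (no folding, no base64) into (dn, attrs) pairs."""
    entries = []
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if line.strip() and not line.startswith("#"):
                name, _, value = line.partition(":")
                attrs.setdefault(name.strip().lower(), []).append(value.strip())
        if "dn" in attrs:
            entries.append((attrs.pop("dn")[0], attrs))
    return entries

def norm(dn):
    """Case- and space-insensitive DN form (assumes no escaped commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def lint(text, suffix=SUFFIX):
    """Return (dn, problem) pairs found in the LDIF text."""
    entries = parse_ldif(text)
    known = {norm(dn) for dn, _ in entries}
    problems = []
    for dn, attrs in entries:
        if not ("," + norm(dn)).endswith("," + norm(suffix)):
            problems.append((dn, "outside suffix"))
        rdn_attr, _, rdn_val = dn.split(",")[0].partition("=")
        values = [v.lower() for v in attrs.get(rdn_attr.strip().lower(), [])]
        if rdn_val.strip().lower() not in values:
            problems.append((dn, "RDN value missing from entry"))
        for member in attrs.get("member", []):
            if norm(member) not in known:
                problems.append((dn, "member not in file: " + member))
    return problems
```

Calling `lint()` on the contents of entries.ldif before running ldapadd should return an empty list; the member check only sees entries in the same file.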

Change the web.xml file as follows as well:
 
<security-constraint>
     <web-resource-collection>
       <web-resource-name>HtmlAdaptor</web-resource-name>
       <description>An example security config that only allows users with the
         role Administrator to access the HTML JMX console web application
       </description>
       <url-pattern>/*</url-pattern>
       <!-- Listing http-method elements limits this constraint to those
            methods; omit them to cover every HTTP method. -->
       <http-method>GET</http-method>
       <http-method>POST</http-method>
     </web-resource-collection>
     <auth-constraint>
       <role-name>Administrator</role-name>
     </auth-constraint>
</security-constraint>

<login-config>
     <auth-method>BASIC</auth-method>
     <realm-name>Admin</realm-name>
</login-config>

<security-role>
     <role-name>Administrator</role-name>
</security-role>

With this in place, entering just admin is enough to be authenticated, because that user is in the role group.

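Add the following to slapd.conf. This directive permits unauthenticated binds, i.e. a bind that supplies a DN with an empty password, which slapd treats as anonymous: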
allow bind_anon_dn

Posted by aboutnz
TAG Jboss