In this tutorial we'll configure JBoss Portal LDAP support. You will learn the basic configuration that needs to be done to leverage a directory server in your portal deployment. Before we start you will need to get:
- JBoss Portal sources:
The best way to obtain the latest JBoss Portal 2.6 sources is to use Subversion:
$ svn co http://anonsvn.jboss.org/repos/portal/tags/JBoss_Portal_2_6_0/ jboss-portal-2.6
- JBoss Application Server 4.0.5GA.
It can be downloaded from here: http://labs.jboss.com/jbossas/downloads
You need to download the .zip version and simply unpack it somewhere on your disk. Before you proceed, the 'JBOSS_HOME' environment variable should be set to point to the directory containing the unpacked archive. Under Linux you can use:
$ export JBOSS_HOME=/opt/JBoss/jboss-4.0.5GA
Preparing the LDAP directory.
In this tutorial we'll use the OpenDS directory server. JBoss Portal leverages it for unit tests, so in the source distribution you can find an embedded directory server that can be deployed on JBoss Application Server.
- Build JBoss Portal sources by doing:
[jboss-portal-2.6] $ ./build/build.sh
This may take a while as all necessary libraries have to be downloaded from a library repository. During this tutorial we'll assume that you are using Linux, but you will also find corresponding '.bat' scripts for the Windows operating system.
- Deploy OpenDS directory server
[jboss-portal-2.6] $ ./identity/build.sh deploy-ldap
This will copy the necessary files into the JBoss AS instance pointed to by the 'JBOSS_HOME' environment variable.
- Run JBoss AS:
[bin] $ ./run.sh
At this point you should have an instance of the OpenDS LDAP server listening on port 10389. To be able to use it with the portal we need to provision it with sample data. To do this we'll use a simple Java LDAP tool with a GUI: LDAP Browser/Editor. It's a very lightweight tool that runs in many environments. Follow the installation notes here: http://www-unix.mcs.anl.gov/~gawor/ldap/installation.html
You will simply need to download the archive, unpack it and run the lbe.sh or lbe.bat script (assuming that you have the java command in your operating system path). If you are using Fedora Linux you can also find the 'lbe' rpm package in the Dries repository.
Provision LDAP with sample data.
You will find an LDIF file containing a sample LDAP tree in the portal sources (jboss-portal-2.6/identity/src/resources/example/portal-sample-local.ldif). To add it to OpenDS using LDAP Browser you need to:
- Run LDAP Browser/Editor, and choose menu 'File' - 'Connect'
- Change to the 'Quick Connect' tab and enter the following information:
- host: localhost
- port: 10389
- leave 'Base DN' empty
- uncheck 'Anonymous bind' checkbox
- user DN: cn=Directory Manager
- password: password
- click 'Connect'
Shut down JBoss AS:
$ cd $JBOSS_HOME/bin
[bin] $ ./shutdown.sh
Configure JBoss Portal LDAP support
JBoss is preconfigured to work with a locally deployed OpenDS. To enable LDAP support only a tiny modification is needed:
- Edit the file jboss-portal-2.6/core/src/resources/portal-core-sar/META-INF/jboss-service.xml and change the following line:
You will find configuration details in jboss-portal-2.6/core/src/resources/portal-core-sar/conf/identity/ldap_identity-config.xml
- Install JBoss Portal:
[jboss-portal-2.6] $ ./build/build.sh deploy-all
[jboss-portal-2.6] $ ./core/build.sh datasource
[jboss-portal-2.6] $ cp ./core/output/resources/setup/portal-hsqldb-ds.xml $JBOSS_HOME/server/default/deploy/
- Run JBoss Portal
[bin] $ ./run.sh
At this point JBoss Portal should store identity-related data in the LDAP store. Let's check it out.
- Open your browser and go to http://localhost:8080/portal
- Log in as user 'jduke' with password 'theduke'. This is the user account we added into LDAP in the previous steps.
- On the left side click on the 'Edit your profile' link.
- In the 'Real e-mail' field enter 'email@example.com' and click 'Save changes'
- Refresh the view in LDAP Browser and check that the new email address was updated in the proper user entry
- Log out from the portal and log back in as user 'admin' with password 'admin'.
- Click on the 'Admin' link in the top right corner and go into 'Members' tab.
- Click on the 'Create User account' link.
- Fill in the form with sample data and click 'New user registration'
- Verify in LDAP Browser that the new user entry was added to the directory
- Try to log in with the username and password you specified for the new account.
- Back in the 'Members' tab you can also list and manage all the users that are present in LDAP. It's also possible to assign specific roles to them. Try it out!
Please check out the JBoss Portal 2.6 Reference Guide to learn more.
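The 'check in LDAP Browser' steps above can also be done from a shell. The following is an added example, not part of the original tutorial, that reads an attribute back with OpenLDAP's ldapsearch. Host, port, bind DN and password are the tutorial's; BASE_DN and the uid filter are assumptions to replace with the values used in portal-sample-local.ldif.

```shell
#!/bin/sh
# Added example: verify a profile change directly in the directory.
# Connection values are the tutorial's local test settings.
LDAP_URI="ldap://localhost:10389"
BIND_DN="cn=Directory Manager"
BIND_PW="${BIND_PW:-password}"
# Assumption: placeholder suffix, take the real one from the sample LDIF.
BASE_DN="${BASE_DN:-dc=example,dc=com}"

# ldif_attr ATTR: print the values of ATTR found in LDIF on stdin.
# LDIF writes "attr: value" for plain text and "attr:: base64" for values
# that are not safe ASCII, so the second form is decoded before printing.
ldif_attr() {
    attr="$1"
    plain="$attr: "
    encoded="$attr:: "
    while IFS= read -r line; do
        case "$line" in
            "$encoded"*) printf '%s' "${line#"$encoded"}" | base64 -d; echo ;;
            "$plain"*)   printf '%s\n' "${line#"$plain"}" ;;
        esac
    done
}

# read_attr NAME ATTR: fetch ATTR of the entry whose uid is NAME.
# -x simple bind, -LLL bare LDIF output, ldif-wrap=no keeps each value on
# one line. NAME goes into the filter unescaped: pass fixed literals only.
# Assumption: user entries are keyed by the uid attribute.
read_attr() {
    ldapsearch -x -LLL -o ldif-wrap=no -H "$LDAP_URI" \
        -D "$BIND_DN" -w "$BIND_PW" \
        -b "$BASE_DN" "(uid=$1)" "$2" | ldif_attr "$2"
}

# check_mail NAME EXPECTED: succeed only if the directory holds EXPECTED.
# An unreachable server yields an empty value, so the check fails.
check_mail() {
    actual=$(read_attr "$1" mail)
    [ "$actual" = "$2" ]
}

# Usage after the profile edit:
#   check_mail jduke email@example.com && echo "mail updated in LDAP"
```
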