Objective

The objective of this guide is to present the valid configurations for authenticating against multiple AD servers using the LDAP protocol (Lightweight Directory Access Protocol).

Authentication settings across multiple AD Servers with LDAP Protocol

To define these configurations, the file <INSTALL_FLUIG>\jboss\configuration\standalone.xml needs to be modified, according to the steps below: 


Step 1


  • Look for the snippet below:

    <security-domain name="TOTVSTech" cache-type="default">
      <authentication>
        <login-module code="com.totvs.foundation.auth.FoundationDatabaseServerLoginModule" flag="required" module="com.totvs.foundation.auth">
          <module-option name="hashAlgorithm" value="MD5"/>
          <module-option name="hashEncoding" value="HEX"/>
          <module-option name="principalClass" value="com.totvs.technology.foundation.common.TOTVSTechPrincipal"/>
        </login-module>
      </authentication>
    </security-domain>
 
Step 2


  • Replace the login-module tag structure with the following structure:

    <!-- AD server 1. Replace each <...> placeholder with your own value:
         SERVIDOR = server, PORTA = port, USUARIO = user, DOMINIO = domain,
         SENHA = password, ESTRUTURA = structure. -->
    <login-module code="com.totvs.foundation.auth.FoundationExtLdapLoginModule" flag="sufficient" module="com.totvs.foundation.auth">
      <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
      <module-option name="java.naming.provider.url" value="ldap://<SERVIDOR AD 1>:<PORTA AD 1>/"/>
      <module-option name="java.naming.security.authentication" value="simple"/>
      <module-option name="java.naming.security.protocol" value=""/>
      <module-option name="java.naming.security.principal" value="<USUARIO AD 1>@<DOMINIO AD 1>"/>
      <module-option name="java.naming.security.credentials" value="<SENHA AD 1>"/>
      <module-option name="uidAttributeID" value="sAMAccountName"/>
      <module-option name="baseFilter" value="(sAMAccountName={0})"/>
      <module-option name="loginCombinedWithDatabase" value="false"/>
      <module-option name="baseCtxDN" value="DC=<ESTRUTURA AD 1>"/>
      <module-option name="rolesCtxDN" value="DC=<ESTRUTURA AD 1>"/>
      <module-option name="hashAlgorithm" value="MD5"/>
      <module-option name="hashEncoding" value="HEX"/>
    </login-module>
    <!-- AD server 2 -->
    <login-module code="com.totvs.foundation.auth.FoundationExtLdapLoginModule" flag="sufficient" module="com.totvs.foundation.auth">
      <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
      <module-option name="java.naming.provider.url" value="ldap://<SERVIDOR AD 2>:<PORTA AD 2>/"/>
      <module-option name="java.naming.security.authentication" value="simple"/>
      <module-option name="java.naming.security.protocol" value=""/>
      <module-option name="java.naming.security.principal" value="<USUARIO AD 2>@<DOMINIO AD 2>"/>
      <module-option name="java.naming.security.credentials" value="<SENHA AD 2>"/>
      <module-option name="uidAttributeID" value="sAMAccountName"/>
      <module-option name="baseFilter" value="(sAMAccountName={0})"/>
      <module-option name="loginCombinedWithDatabase" value="false"/>
      <module-option name="baseCtxDN" value="DC=<ESTRUTURA AD 2>"/>
      <module-option name="rolesCtxDN" value="DC=<ESTRUTURA AD 2>"/>
      <module-option name="hashAlgorithm" value="MD5"/>
      <module-option name="hashEncoding" value="HEX"/>
    </login-module>
 
Step 3


  • If authentication against the data stored in the database is also required, the following login-module tag structure must also be added:

    <login-module code="com.totvs.foundation.auth.FoundationDatabaseServerLoginModule" flag="sufficient" module="com.totvs.foundation.auth">
      <module-option name="hashAlgorithm" value="MD5"/>
      <module-option name="hashEncoding" value="HEX"/>
      <module-option name="principalClass" value="com.totvs.technology.foundation.common.TOTVSTechPrincipal"/>
    </login-module>
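
A review check for the result of steps 1 to 3, as an added example that is not part of the original guide or of the vendor's code: it parses a security-domain fragment and reports settings worth reviewing before deployment. The host names and secrets in the sample are constructed, `audit` and `local` are hypothetical names, and the flag check assumes the standard JAAS meaning of required, requisite and sufficient.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the security domain after steps 1-3, with made-up hosts
# and secrets instead of the page's placeholders. AD 2 uses ldaps:// for contrast.
SAMPLE = """<security-domain name="TOTVSTech" cache-type="default"><authentication>
<login-module code="com.totvs.foundation.auth.FoundationExtLdapLoginModule" flag="sufficient">
  <module-option name="java.naming.provider.url" value="ldap://ad1.example.test:389/"/>
  <module-option name="java.naming.security.authentication" value="simple"/>
  <module-option name="java.naming.security.protocol" value=""/>
  <module-option name="java.naming.security.credentials" value="constructed-secret-1"/>
</login-module>
<login-module code="com.totvs.foundation.auth.FoundationExtLdapLoginModule" flag="sufficient">
  <module-option name="java.naming.provider.url" value="ldaps://ad2.example.test:636/"/>
  <module-option name="java.naming.security.authentication" value="simple"/>
  <module-option name="java.naming.security.credentials" value="constructed-secret-2"/>
</login-module>
<login-module code="com.totvs.foundation.auth.FoundationDatabaseServerLoginModule" flag="sufficient"/>
</authentication></security-domain>"""


def local(tag):
    """Strip the XML namespace that a full standalone.xml puts on every tag."""
    return tag.rsplit("}", 1)[-1]


def audit(xml_text):
    """Return (module position, finding) pairs for the login-module stack."""
    findings = []
    modules = [e for e in ET.fromstring(xml_text).iter() if local(e.tag) == "login-module"]
    for i, mod in enumerate(modules, start=1):
        opts = {o.get("name"): (o.get("value") or "")
                for o in mod if local(o.tag) == "module-option"}
        url = opts.get("java.naming.provider.url", "").lower()
        tls = (url.startswith("ldaps://")
               or opts.get("java.naming.security.protocol", "").lower() == "ssl")
        if url and not tls and opts.get("java.naming.security.authentication") == "simple":
            findings.append((i, "simple bind over plain ldap://: passwords cross the network unencrypted"))
        if opts.get("java.naming.security.credentials"):
            findings.append((i, "bind password stored as a literal: restrict read access to standalone.xml"))
        # JAAS semantics: a failed required/requisite module fails the login
        # even if a later "sufficient" module (another AD, the database) accepts it.
        if mod.get("flag") in ("required", "requisite") and i < len(modules):
            findings.append((i, "flag=%s ahead of other modules: a failure here rejects the login" % mod.get("flag")))
    return findings


if __name__ == "__main__":
    for idx, text in audit(SAMPLE):
        print("login-module #%d: %s" % (idx, text))
```

The `<...>` placeholders in the guide's snippets are not valid inside XML attribute values, so run the check on the file after real values have been filled in.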