test

Using LDAP with Java CAPS

ProcedureTo Configure the Repository

  1. Open the server.xml file in the JavaCAPS-install-dir/repository/repository/server/conf directory.

  2. Remove or comment out the default <Realm> element.

  3. If you are using Sun Java System Directory Server, add the following <Realm> element inside the <Engine> tag. Change the default values as necessary. The preceding table describes the attributes.


    <Realm className="org.apache.catalina.realm.JNDIRealm"
    connectionURL="ldap://localhost:489"
    userBase="cn=People,dc=sun,dc=com"
    userSearch="(uid={0})"
    userSubtree="true"
    userRoleName="nsroledn"
    userRoleNamePattern="cn={0},dc=sun,dc=com"
    roleSubtree="true"
/>

  4. If you are using Active Directory, add the following <Realm> element inside the <Engine> tag. Change the default values as necessary. The preceding table describes the attributes.


    <Realm className="org.apache.catalina.realm.JNDIRealm"
    connectionURL="ldap://localhost:389"
    userBase="cn=Users,dc=sun,dc=com"
    userSearch="(cn={0})"
    userSubtree="true"
    roleBase="ou=CAPSRoles,dc=sun,dc=com"
    roleName="cn"
    roleSearch="(member={0})"
    roleSubtree="true"
/>

  5. If you are using OpenLDAP Directory Server, add the following <Realm> element inside the <Engine> tag. Change the default values as necessary. The preceding table describes the attributes.


    <Realm className="org.apache.catalina.realm.JNDIRealm"
    connectionURL="ldap://localhost:389"
    userBase="ou=People,dc=sun,dc=com"
    userSearch="(uid={0})"
    userSubtree="true"
    roleBase="ou=CAPSRoles,dc=sun,dc=com"
    roleName="cn"
    roleSearch="(uniquemember={0})"
    roleSubtree="true"
/>

  6. If your LDAP server is not configured for anonymous read access, add the connectionName and connectionPassword attributes to the <Realm> element. Set the first attribute to the DN of the Administrator user. Set the second attribute to the user’s encrypted password. Refer to the following examples.

    Sun Java System Directory Server:


    connectionName="cn=Directory Manager"
connectionPassword="E451KDVb0OPcH+GN46OZcg=="

    Active Directory:


    connectionName="Administrator@sun.com"
connectionPassword="geEiVIbtO+DcH+GN46OZcg=="

    OpenLDAP Directory Server:


    connectionName="cn=Manager,dc=sun,dc=com"
connectionPassword="l/ZRt1cfNKc="

    To encrypt the password, use the encrypt utility in the JavaCAPS-install-dir/repository/repository/util directory. The file extension of the utility depends on your platform. This utility takes the unencrypted password as an argument. For example:


    C:\JavaCAPS6\repository\repository\util>encrypt mypwd
LCUApSkYpuE

  7. Save and close the server.xml file.

  8. Start the LDAP server.

  9. Shut down and restart the Repository.