|
jaas-context
|
file, ldap, solaris
|
Specifies the JAAS (Java Authentication and Authorization Service) context.
|
|
file
|
file
|
Specifies the file that stores user names. The default is domain-dir/config/keyfile.
|
|
assign-groups
|
certificate
|
(optional) If this property is set, its value is taken to be a comma-separated
list of group names. All clients who present valid certificates are assigned membership to these groups
for the purposes of authorization decisions in the web and EJB containers.
|
|
directory
|
ldap
|
Specifies the LDAP URL to your server.
|
|
base-dn
|
ldap
|
Specifies the LDAP base DN for the location of user data. This base
DN can be at any level above the user data, since a tree scope search is performed.
The smaller the search tree, the better the performance.
|
|
search-filter
|
ldap
|
(optional) Specifies the search filter to use to find the user. The
default is uid=%s (%s expands to the
subject name).
|
|
group-base-dn
|
ldap
|
(optional) Specifies the base DN for the location of groups data. By
default, it is same as the base-dn, but it can be tuned,
if necessary.
|
|
group-search-filter
|
ldap
|
(optional) Specifies the search filter to find group memberships for
the user. The default is uniquemember=%d (%d expands
to the user element DN).
|
|
group-target
|
ldap
|
(optional) Specifies the LDAP attribute name that contains group name
entries. The default is CN.
|
|
search-bind-dn
|
ldap
|
(optional) Specifies an optional DN used to authenticate to the directory
for performing the search-filter lookup. Only required
for directories that do not allow anonymous search.
|
|
search-bind-password
|
ldap
|
(optional) Specifies the LDAP password for the DN given in search-bind-dn .
|
