LDAP and JBoss EAP - securing the management console

[root@master openldap]# cat console.ldif 
dn: uid=isweluiz,ou=people,dc=redhat,dc=com
changetype: add
objectclass: top
objectclass: inetorgperson
uid: isweluiz
cn: Luiz 
sn: Eduardo
userPassword: isweluiz


Edit the file host.xml, or host-master.xml if you are running JBoss in domain mode.

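<security-realms>
    <!-- . . . -->
    <security-realm name="LDAPRealm">
        <authentication>
            <!-- base-dn is the subtree searched for users; it must match where the
                 entries live (the LDIF above uses ou=people,dc=redhat,dc=com) -->
            <ldap connection="ldapconnection" base-dn="ou=People,dc=keycloak,dc=org">
                <!-- the login name is matched against the uid attribute -->
                <username-filter attribute="uid"/>
            </ldap>
        </authentication>
    </security-realm>
</security-realms>
<outbound-connections>
    <!-- search-dn / search-credential: the account JBoss binds with to look up the user.
         With an ldap:// URL this bind and the user's password are sent unencrypted. -->
    <ldap name="ldapconnection" url="ldap://localhost:10389" search-dn="uid=admin,ou=system" search-credential="secret"/>
</outbound-connections>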

The last change is to set the LDAPRealm on the management-interfaces:

<management-interfaces>
    <http-interface security-realm="LDAPRealm" http-upgrade-enabled="true">
        <socket-binding http="management-http"/>
    </http-interface>
</management-interfaces>

Now start JBoss and check that you are able to log in to the management console (http://localhost:9990 by default) with either of the two users you have created.
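Before restarting, the wiring between the three fragments can be checked offline. The script below is an added example, not part of the original post or of JBoss: it follows http-interface to its security-realm and then to the outbound LDAP connection, and reports a broken reference, a non-ldaps:// URL, or a literal search-credential. The wrapping root element, the placeholder namespace and the function names are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the page's three fragments under a placeholder root/namespace.
SAMPLE = """<host xmlns="urn:example:placeholder"><management>
<security-realms>
  <security-realm name="LDAPRealm"><authentication>
    <ldap connection="ldapconnection" base-dn="ou=People,dc=keycloak,dc=org">
      <username-filter attribute="uid"/>
    </ldap>
  </authentication></security-realm>
</security-realms>
<outbound-connections>
  <ldap name="ldapconnection" url="ldap://localhost:10389"
        search-dn="uid=admin,ou=system" search-credential="secret"/>
</outbound-connections>
<management-interfaces>
  <http-interface security-realm="LDAPRealm" http-upgrade-enabled="true">
    <socket-binding http="management-http"/>
  </http-interface>
</management-interfaces></management></host>"""

def local(tag):
    """Drop the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def audit(xml_text):
    """Return findings about how the management HTTP interface is authenticated."""
    els = list(ET.fromstring(xml_text).iter())
    realms = {e.get("name"): e for e in els if local(e.tag) == "security-realm"}
    # Outbound <ldap> elements carry a url; the realm's <ldap> carries a connection.
    conns = {e.get("name"): e for e in els if local(e.tag) == "ldap" and e.get("url")}
    findings = []
    for iface in (e for e in els if local(e.tag) == "http-interface"):
        realm = realms.get(iface.get("security-realm"))
        if realm is None:
            findings.append("http-interface: security-realm missing or undefined")
            continue
        for auth in (e for e in realm.iter() if local(e.tag) == "ldap"):
            conn = conns.get(auth.get("connection"))
            if conn is None:
                findings.append("realm: ldap connection not defined in outbound-connections")
                continue
            if not conn.get("url", "").lower().startswith("ldaps://"):
                findings.append("connection: url is not ldaps:// (cleartext bind)")
            # Heuristic (assumption): a value not written as a ${...} expression is a literal.
            if not conn.get("search-credential", "").startswith("${"):
                findings.append("connection: search-credential is a literal in the file")
    return findings
if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "no findings")
```

Run against the configuration shown on this page, it reports the cleartext ldap:// URL and the literal search credential.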