Section | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
...
- Stop if it is running.
- Modify the <frevvo-home>\tomcat\conf\server.xml file. Here is an example of the changes needed when using tomcat.
- Edit this file with a text editor.
- Search for 'ldap://localhost:389 - you should find this in the org.apache.catalina.realm.JNDIRealm section of the file.
- Notice lines 98 - 107 are commented out.
- Uncomment this section. Replace the existing code with the code shown below:
- Replace the connectionURL, connectionName and the connectionPassword default values with your LDAP server information.
- Refer to this website for detailed information about the remaining parameters.
Code Block |
---|
<Realm className="org.apache.catalina.realm.JNDIRealm" connectionURL="ldap://test.windows.frevvo.com:389" connectionName="TEST\Administrator" connectionPassword="FrevvoTest00" adCompat="true" referrals="follow" userBase="CN=Users,DC=test,DC=windows,DC=frevvo,DC=com" userSearch="(&(objectClass=user)(sAMAccountName={0}))" userSubtree="true" userRoleName="memberOf" roleBase="CN=Users,DC=test,DC=windows,DC=frevvo,DC=com" roleSubtree="true" roleName="cn" roleSearch="(&(objectClass=group)(member={0}))" /> |
Code Block |
---|
<Parameter name="com.frevvo.security.ldap.connection.url" value="ldap://test.windows.frevvo.com:389" override="false"/>
<Parameter name="com.frevvo.security.ldap.connection.name" value="TEST\Administrator" override="false"/>
<Parameter name="com.frevvo.security.ldap.connection.password" value="FrevvoTest00" override="false"/>
<Parameter name="com.frevvo.security.ldap.usersBase" value="CN=Users,DC=test,DC=windows,DC=frevvo,DC=com" override="false"/>
<Parameter name="com.frevvo.security.ldap.groupsBase" value="CN=Users,DC=test,DC=windows,DC=frevvo,DC=com" override="false"/>
<Parameter name="com.frevvo.security.ldap.userIdDisplayAttribute" value="sAMAccountName" override="false"/>
<Parameter name="com.frevvo.security.ldap.groupIdDisplayAttribute" value="sAMAccountName" override="false"/>
<Parameter name="com.frevvo.security.ldap.notifications" value="true" override="false"/>
<Parameter name="com.frevvo.security.ldap.allGroupsFilter" value="(objectClass=group)" override="false"/>
<Parameter name="com.frevvo.security.ldap.allUsersFilter" value="(objectClass=user)" override="false"/>
<Parameter name="com.frevvo.security.ldap.distinguishedNameAttribute" value="distinguishedName" override="false"/>
<Parameter name="com.frevvo.security.ldap.userMemberOfAttribute" value="memberOf" override="false"/>
<Parameter name="com.frevvo.security.ldap.groupMemberAttribute" value="member" override="false"/>
<Parameter name="com.frevvo.security.ldap.firstNameAttribute" value="givenName" override="false"/>
<Parameter name="com.frevvo.security.ldap.lastNameAttribute" value="sn" override="false"/>
<Parameter name="com.frevvo.security.ldap.emailAttribute" value="mail" override="false"/>
<Parameter name="com.frevvo.security.ldap.managerAttribute" value="manager" override="false"/>
<Parameter name="com.frevvo.security.ldap.ignoreCase" value="true" override="false"/> |
...
5. Create a tenant with the LDAP Container Security Manager class.
- Login to Live Forms as a Live Forms administrator (user:admin@d and password:admin if you have not changed it).
- Click on Manage and then Manage Tenants.
- You will see a page where the current tenants are listed. If this is a new installation you will only see the default tenant d.
- Click on the plus sign (+) to add a new tenant.
- Configure the new tenant following the steps below:
Section | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
If the tenant admin user does not exist or it does not have the required roles, this error will display with the name of the tenant you are trying to add:
This error message can be seen in the <frevvo-home>\tomcat\logs\frevvo.log file if the LDAP-CSM tenant cannot be created.
...
.
6. Stop .
7. The <frevvo-home>\tomcat\webapps\frevvo.war file must be secure. This is done by enabling the <security-contraint/> found in the web.xml file included in the frevvo.war.
...