Modify the <frevvo-home>\tomcat\conf\server.xml file. Here is an example of the changes needed when using Tomcat.
Edit this file with a text editor.
Search for 'ldap://localhost:389' - you should find this in the org.apache.catalina.realm.JNDIRealm section of the file.
Uncomment this section. Replace the existing code with the code shown below:
Replace the connectionURL, connectionName and the connectionPassword default values with your LDAP server information.
Refer to this Apache Tomcat website for detailed information about the remaining parameters.
<!-- Inside server.xml the '&' of an LDAP filter must be written as &amp; -->
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldap://test.windows.frevvo.com:389"
       connectionName="TEST\Administrator"
       connectionPassword="FrevvoTest00"
       adCompat="true"
       referrals="follow"
       userBase="CN=Users,DC=test,DC=windows,DC=frevvo,DC=com"
       userSearch="(&amp;(objectClass=user)(sAMAccountName={0}))"
       userSubtree="true"
       userRoleName="memberOf"
       roleBase="CN=Users,DC=test,DC=windows,DC=frevvo,DC=com"
       roleSubtree="true"
       roleName="cn"
       roleSearch="(&amp;(objectClass=group)(member={0}))" />
5. /wiki/spaces/frevvo91/pages/901492728 with the LDAP Container Security Manager.
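A check you can run against server.xml before restarting Tomcat, as an added example that is not part of the original page or of frevvo's tooling. It reviews the JNDIRealm element described above for a cleartext ldap:// connection (no ldaps:// and no `useStartTls="true"`), an Administrator bind account, a bind password stored in the file, and a file that no longer parses because an LDAP filter was pasted without escaping `&`. The function name, finding codes, host names and account names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

JNDI_REALM = "org.apache.catalina.realm.JNDIRealm"

def audit_jndi_realms(server_xml):
    """Return 'CODE: detail' findings for each JNDIRealm in server.xml text."""
    try:
        root = ET.fromstring(server_xml)
    except ET.ParseError as exc:
        # A raw '&' in an LDAP filter must be written '&amp;' in server.xml.
        return [f"NOT_WELL_FORMED: {exc}"]
    findings = []
    for realm in root.iter("Realm"):  # also reaches realms nested in another Realm
        if realm.get("className") != JNDI_REALM:
            continue
        url = realm.get("connectionURL", "")
        start_tls = realm.get("useStartTls", "false").lower() == "true"
        if url.lower().startswith("ldap://") and not start_tls:
            findings.append(f"CLEARTEXT_LDAP: {url} sends the bind and user passwords unencrypted")
        bind = realm.get("connectionName", "")
        if "administrator" in bind.lower():  # heuristic name match only
            findings.append(f"PRIVILEGED_BIND: {bind} should be a read-only service account")
        if realm.get("connectionPassword"):
            findings.append("PASSWORD_IN_FILE: restrict read access on server.xml to the Tomcat account")
    return findings

# Constructed inputs (hosts, accounts and passwords are placeholders).
WEAK = r'''<Server><Service><Engine>
  <Realm className="org.apache.catalina.realm.JNDIRealm"
         connectionURL="ldap://dc.example.test:389"
         connectionName="EXAMPLE\Administrator"
         connectionPassword="PLACEHOLDER"
         userSearch="(&amp;(objectClass=user)(sAMAccountName={0}))" />
</Engine></Service></Server>'''
HARDENED = WEAK.replace("ldap://dc.example.test:389", "ldaps://dc.example.test:636") \
               .replace(r"EXAMPLE\Administrator", r"EXAMPLE\svc-frevvo-ldap")
BROKEN = WEAK.replace("&amp;", "&")  # the filter as pasted without XML escaping

if __name__ == "__main__":
    for name, doc in (("weak", WEAK), ("hardened", HARDENED), ("broken", BROKEN)):
        print(name, audit_jndi_realms(doc))
```

To audit a real installation, pass the text of <frevvo-home>\tomcat\conf\server.xml to `audit_jndi_realms`. Switching to ldaps:// also requires that the JVM running Tomcat trusts the directory server's certificate.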
Here are some quick tests to check if the LDAP Container Security Manager tenant configuration is correct:
Browse to 'http://<IP>:<PORT>/frevvo/web/tn/<tenant id>/login'. Substitute the IP address/port of the server and the name of your LDAPCSM tenant for the tenant id. The browser authentication light-box displays.
Log in as the tenant admin for the LDAP-CSM tenant. This admin must have the frevvo.User role in addition to the frevvo.tenantadmin and frevvo.designer roles.
Since you are using LDAP to define users and roles (i.e., groups), you do not see an Add User icon or Add Role icon on the Manage Users or Manage Roles pages.
If the tenant admin user does not exist or it does not have the required roles, this error will display with the name of the tenant you are trying to add:
This error message can be seen in the <frevvo-home>\tomcat\logs\frevvo.log file if the LDAP-CSM tenant cannot be created.
Application error processing /frevvo/web/tn?edit=true javax.servlet.ServletException: javax.servlet.ServletException: Tenant admin user 111 does not exist!

or, if the tenant admin exists but does not have the correct roles:

Tenant admin user lll must have roles: [frevvo.TenantAdmin,frevvo.Designer]