toubsen.de appfuse
http://toubsen.de/
2010-09-08T17:10:48+02:00toubsen.de
http://toubsen.de/
http://toubsen.de/lib/images/favicon.icotext/html2007-06-30T09:21:33+02:00appfuse:ldap-db
http://toubsen.de/appfuse/ldap-db?rev=1183188093&do=diff
A drawback of the LDAP authentication approach is, that roles and other user details are only retrieved from the LDAP server (plus it breaks the user counter, as it casts to org.appfuse.model.User). You might have the wish, to define additional properties or assign roles just available in the application scope.text/html2010-02-28T19:36:45+02:00appfuse:ldap
http://toubsen.de/appfuse/ldap?rev=1267382205&do=diff
This page describes how to integrate AppFuse with a Windows Active Directory server (tested with Windows 2003 server).
Define LDAP beans
To enable LDAP authentication some beans need to be defined in security.xml.
<bean id="initialDirContextFactory"
class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
<constructor-arg value="ldap://ldapserver.company.com:389/DC=Company,DC=com" />
<property name="managerDn" value="CN=username,CN=Users,DC=Company,DC=com" />
<property name="manag…text/html2007-06-23T03:13:54+02:00appfuse:start
http://toubsen.de/appfuse/start?rev=1182561234&do=diff
Below you find a list of available documentation.
Webservices
* Export Managers as webservice using HttpInvoker
Security
LDAP/Active Directory
* Authentication via LDAP in a windows domain (AD)
* Enrich LDAP-UserDetails from DB
Access control lists (ACLs)
* Access control on objects with ACLstext/html2010-02-28T19:36:45+02:00appfuse:webservices
http://toubsen.de/appfuse/webservices?rev=1267382205&do=diff
It's easy to export the AppFuse managers as a webservice to various clients using Spring remoting.
The HttpInvoker
If you only have Java clients, the easiest solution for exporting managers is using the HttpInvoker. As it uses Java serialization, you don't have to care about object mappings or conversions. Additionally, by using HTTP as a protocol, it's trivial to allow access to the services via a proxy. If you later on wish to change the protocol (e.g. to allow non-Java clients to access yo…