Archive for August, 2008

Play with LDAP in tempo

August 31, 2008 2 comments

Since we have Alfresco and Liferay SSO integration with CAS, it was getting time to integrate the credentials of all those people using LDAP.
We’ve taken ApacheDS, because it was easily embed-able as a webapp inside tomcat.

Now, on to what we can do to manage the different users in tempo.

1. Try it with Apache Directory Studio.

Go over there, and download your own copy. It installs and runs just like an eclipse Application, for its good and bad thing. See the Connections tab ?Next step is to define the few parameters needed to connect to the embedded Tempo server. Here are the different settings:The secret password is “secret” by default, you can of course change this when needed.Then once you have created the connection, here is how it looks in the LDAP browser:

Creating a new user, is now just a matter of copying another one.

So, here we are using admin as a template for our new user.

And, when finishing we now have a new user in our list:

We can assign our new user roles, by clicking in the Roles subsection of the LDAP tree:

And adding a line as a “uniquemember” for each roles we want our new user to be in:

2. Log into the UI-FW

Now we can use this new user straight away for the different tempo components. So for example, I will go and display the login form for ui-fw. (Note this link works only if you have the server running on your machine)

Password is the same as our old friend “admin”, so if you haven’t changed any configuration, that should be “changeit”, without the quotes. And, now at the top right corner of your session, you should have the new user, with ProcessAdministrator privileges.Voila !

3. Use it with a short ruby program.

And here is how it would go to just check that the above new user has been properly created using a short ruby script.

And the output of such a program:

Voila. Nothing more than a few ldap commands, but it now turned way easier to manipulate users in tempo and the other integrated components !

If you plan on configuring the roles in Liferay with this, here’s their LDAP configuration page.

Categories: Uncategorized