View comments | RSS feed
JRun Administrator's Guide Previous Up One Level Next
JRun Security


Integrating with an existing security mechanism

JRun includes login modules for JDBC, LDAP, and Windows. To use one of these login modules, you use the JMC to specify their usage and supply parameters that specify how to integrate with the existing security system. For example, to use the JDBC login module, you specify a data source, table name, and columns for user and role information.

Note:   You do not have to use the same mechanism for users and roles. For example, if you have an existing user store (in a relational database, for example) but no existing role store, you might use the JDBC login module for user authentication and the XMLLoginModule for authorization (that is, roles).

For information on creating a customized login module, including information on other classes and interfaces used by JAAS, see "Using a customized security implementation".

Using a JDBC-based security implementation

JRun ships with a JDBC login module that you can use to integrate JRun security with existing tables for authentication and authorization. The JDBC login module requires the following information for user authentication:

The JDBC login module requires the following information for user-role authorization:

You enable use of the JDBC login module through specifications made in the JMC or by manually editing the SERVER-INF/auth.config file. For more information, see the JMC online Help.

Using an LDAP-based security implementation

JRun ships with an LDAP login module that you can use to integrate JRun security with existing LDAP servers for user authentication. The LDAP user login module requires the following information for user authentication:

Note:   Because LDAP has no standard location for managing users and roles, the use of LDAP login modules for user-role authorization is not supported.

You enable use of the LDAP user login module through specifications made in the JMC or by manually editing the SERVER-INF/auth.config file. For more information, see the JMC online Help.

Using a Windows-based security implementation

JRun ships with a Windows login module that you can use to integrate JRun security with existing Windows domains for authentication and authorization. This login module maps groups to roles. The Windows login module requires the following information for user authentication:

The Windows login module requires the following information for user-role authorization:

Note:   If using the Windows security implementation, you must ensure that all Microsoft security patches have been applied to the Windows server.

You enable use of the Windows role login module through specifications made in the JMC or by manually editing the SERVER-INF/auth.config file. For more information, see the JMC online Help.

Previous Up Next

Comments


AWhitford said on Jun 4, 2004 at 2:03 PM :
Is Microsoft Active Directory supported?
jrunrandy said on Jun 7, 2004 at 7:02 AM :
I believe that the easiest way to integrate active
directory is via NT domain authentication -- JRun provides a
connector for doing domain auth. If you need something more
specific you will need to write a custom authentication module.

Please remember that we're just Tech Writers. You may
want to post this question to the JRun forums:
http://webforums.macromedia.com/jrun
emilesvt said on Jan 11, 2005 at 7:09 AM :
I realize it's not supported, but are there any tutorials or documentation on setting up JRun4 with LDAP? The documentation here doesn't even tell you how to use the provided LDAP module...

Thanks.

 

RSS feed | Send me an e-mail when comments are added to this page | Comment Report

Current page: http://livedocs.adobe.com/jrun/4/JRun_Administrators_Guide/authentic4.htm