From fcc3cbf4cad07e28d41b92c21f6f58b0c3d45f9a Mon Sep 17 00:00:00 2001 From: Robert Gemmell Date: Wed, 28 Nov 2012 17:11:52 +0000 Subject: QPID-4462: add some documentation regarding the security provider workaround, until the issue can be fixed git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1414821 13f79535-47bb-0310-9956-ffa450edef68 --- ...va-Broker-Security-Authentication-Providers.xml | 40 ++++++++++++++++++---- 1 file changed, 33 insertions(+), 7 deletions(-) diff --git a/doc/book/src/java-broker/Java-Broker-Security-Authentication-Providers.xml b/doc/book/src/java-broker/Java-Broker-Security-Authentication-Providers.xml index 96b6f99185..0974441ae5 100644 --- a/doc/book/src/java-broker/Java-Broker-Security-Authentication-Providers.xml +++ b/doc/book/src/java-broker/Java-Broker-Security-Authentication-Providers.xml @@ -38,18 +38,44 @@ -
+
LDAP + + + LDAP authentication can be configured using the <simple-ldap-auth-manager> element + within the <security> section. An example of how to configure this is shown below. + Please note this example also configures an unused <pd-auth-manager> to use an empty + password file, this is a workaround for an issue relating to registration of security providers. + + + + NOTE: When using LDAP authentication, you must also use SSL on the brokers AMQP messaging and + JMX/HTTP management ports in order to protect passwords during transmission to the broker. + Configuring LDAP authentication - - ldaps://example.com:636/ - dc=example\,dc=com - (uid={0}) - - ... + SimpleLDAPAuthenticationManager + + ldaps://example.com:636/ + dc=example\,dc=com + (uid={0}) + + + + + + org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase + + + passwordFile + ${conf}/emptyPasswdFile + + + + + ... ]]> -- cgit v1.2.1