Manualshelf

NonStop Servlets for JavaServer Pages (5.0) System Administrator's Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series
919293949596979899100
Configuring NSJSP
NonStop Servlets for JavaServer Pages (NSJSP) System Administrator’s Guide525644-002
3-36
JNDIRealm
°
There must be an attribute (identified by the userPassword attribute of our
<Realm> element) that contains the user's password, either in clear text or
digested (see Digested Passwords on page 3-45).
Each group of users that has been assigned a particular role is represented by an
individual element in the top level DirContext, which is accessed through the
connectionURL attribute.
The user group element must have the following characteristics:
°
The set of all possible groups of interest can be selected by an LDAP search
pattern configured by the roleSearch attribute in the <Realm> element.
°
The roleSearch pattern optionally includes pattern replacements {0} for the
distinguished name, and {1} for the username of the authenticated user for
which roles are to be retrieved.
°
The roleBase attribute can be set to the element that is the base of the
search for matching roles. If not specified, the entire directory context is
searched.
°
The roleSubtree attribute can be set to true to search the entire subtree of
the directory context. The default value of false requests a search of only the
current level.
°
The element includes an attribute (whose name is configured by the
roleName attribute of our <Realm> element) containing the name of the role
represented by this element.
There must be an administrator user name and password that NSJSP can use to
establish a connection to the directory server, with at least read-only access to the
information described above.
Realm Element Attributes
To configure a JNDIRealm, create a <Realm> element and nest it in your
$NSJSP_HOME/conf/iTP_server.xml file or in the <Context> element in the
context configuration file, as in Example 3-20
. The following attributes are supported
for JNDIRealm:
className
The value is org.apache.catalina.realm.JNDIRealm.
connectionName
The user name used to establish a JNDI connection with the directory server.
connectionPassword
The password used to establish a JNDI connection with the directory server.