...
An example of the configuration could be:
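<!-- Config server security settings: the ACL definition file, the access controller
     implementation (LDAP-backed here), and the remote hosts allowed to connect. -->
<group name="security" description="security configuration">
  <property name="access.control.configuration"
            value="${ceptor.home}/config/ceptor-security-ldap.xml"
            description="access control definitions"/>
  <property name="access.controller"
            value="dk.itp.security.accesscontrol.AccessControlListLDAPImpl"
            description="config server access controller implementation"/>
  <!-- NOTE(review): sample values. List only the specific hosts that need to reach the
       config server, and confirm how entries such as 192.168.255.255 are interpreted
       before reusing them. -->
  <property name="remote.servers"
            value="localhost,192.168.255.255,10.255.255.255"
            description="allowed remote servers, host:port separated by ,;"/>
</group>

<!-- LDAP directory used to look up and authenticate users. -->
<group name="ldap" description="LDAP configuration">
  <property name="ldap.basedn"
            value="dc=adtest,dc=net"
            description="The base DN to use"/>
  <!-- NOTE(review): port 389 is the standard unencrypted LDAP port, so the system bind
       and the user credentials may cross the network in clear text unless the connection
       is upgraded or a TLS-protected endpoint is used. Confirm which TLS options the
       product supports. -->
  <property name="ldap.servers"
            value="adtest.net:389"
            description="The list of LDAP servers to use"/>
  <!-- Placeholder: replace the whole value with the real password. A literal '<' is not
       allowed inside an attribute value, so the placeholder is entity-escaped to keep the
       fragment well-formed. The password is stored in this file as plain text, so restrict
       read access to the file accordingly. -->
  <property name="ldap.systempassword"
            value="&lt;password&gt;"
            description="The password for the system user"/>
  <!-- NOTE(review): the example binds as the domain Administrator. A dedicated service
       account that can only search the user subtree limits the damage if this file or
       the bind password is exposed. -->
  <property name="ldap.systemuser"
            value="cn=Administrator,cn=Users,dc=adtest,dc=net"
            description="The system user to bind to LDAP"/>
  <!-- NOTE(review): "anr" is Active Directory's Ambiguous Name Resolution, which matches
       a value against several naming attributes. Confirm how more than one match is
       handled, or use an attribute that identifies exactly one account. -->
  <property name="ldap.useridName"
            value="anr"
            description="The search criteria for user search"/>
  <property name="ldap.usersRDN" value="cn=Users"/>
  <property name="ldap.usersRDNName"
            value="cn=Users"
            description="RDN Name in the subtree that users are stored under"/>
</group>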
...
An example can be found in the default installation directory: <CEPTOR_HOME>/config/ceptor-security-ldap.xml, where <CEPTOR_HOME> is the directory in which Ceptor is installed.
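<?xml version="1.0" encoding="ISO-8859-1"?>
<!-- Access control lists for the config server. Each acl names a resource pattern and
     each permission grants the listed operations to one LDAP principal (DN). -->
<system name="ceptor" version="2.0" copyright="(c) 2017, Ceptor ApS">
  <security-acls>
    <!-- NOTE(review): allow="*" grants the admin principal every operation on the
         matching resources; keep membership of that principal small. -->
    <acl name="web.*" description="">
      <permission principal="CN=admin,DC=adtest,DC=net"
                  allow="*"
                  description="Allow administrator everything"/>
      <permission principal="CN=readonly,DC=adtest,DC=net"
                  allow="read"
                  description="Only read access is allowed"/>
    </acl>

    <!-- The three ACLs below give the "readonly" principal write access to the
         collected-statistics settings in addition to read. Their descriptions state what
         is actually granted, so an audit of this file is not misled.
         NOTE(review): how these entries combine with the broader web.* ACL is not
         visible in this file; confirm that the write grant is intended. -->
    <acl name="web.collected-statistics-management.interval" description="">
      <permission principal="CN=readonly,DC=adtest,DC=net"
                  allow="read,write"
                  description="Read and write access is allowed"/>
    </acl>
    <acl name="web.collected-statistics-management.functions" description="">
      <permission principal="CN=readonly,DC=adtest,DC=net"
                  allow="read,write"
                  description="Read and write access is allowed"/>
    </acl>
    <acl name="web.collected-statistics-management.servers" description="">
      <permission principal="CN=readonly,DC=adtest,DC=net"
                  allow="read,write"
                  description="Read and write access is allowed"/>
    </acl>

    <!-- NOTE(review): there is no entry for the readonly principal here. Presumably a
         principal without a matching permission is denied; confirm that default. -->
    <acl name="telnet.*" description="">
      <permission principal="CN=admin,DC=adtest,DC=net"
                  allow="*"
                  description="Allow administrator everything"/>
    </acl>

    <acl name="ppadmin.*" description="">
      <permission principal="CN=admin,DC=adtest,DC=net"
                  allow="*"
                  description="Allow administrator everything"/>
      <permission principal="CN=readonly,DC=adtest,DC=net"
                  allow="read"
                  description="Only read access is allowed"/>
    </acl>
  </security-acls>
</system>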
...