将LDAP用户与Weblogic服务器本地组相关联
[英]Associate LDAP users to weblogic server local group
问题描述
I have created one group on web-logic server, now i want to add user in that groups(they are configured on LDAP Server). 
我已经在Web逻辑服务器上创建了一个组,现在我想在该组中添加用户(它们在LDAP服务器上配置)。
how can I achieve the same. 我怎么能达到同样的目的。 or is there any way I can get all list of LDAP users or groups through some java code. 或者有什么方法可以通过一些Java代码获取LDAP用户或组的所有列表。
1 个解决方案
解决方案1
0 2011-09-20 06:16:59
You're actually making life harder for yourself than it needs to be here. 您实际上使自己的生活比这里需要的更加艰难。
A user's group memberships should be defined in the same security realm as the user themselves - you can't get part of the subject from one place and part of it from the other, at least not without creating a custom security provider as far as I'm aware, and that's way more effort than its worth. 用户的组成员身份应在与用户本身相同的安全领域中定义-您不能从一个地方获得该主题的一部分,而从另一个地方获得它的一部分,至少就我而言,除非没有创建自定义安全提供者知道,这比付出更多的努力。
If the users are defined in an external LDAP server, this is where the group membership should also be configured. 如果用户是在外部LDAP服务器中定义的,则还应该在其中配置组成员身份。
A possible alternative depending on what you're securing would be to use role-based security configuration, but even then you still want something to determine membership in a role, and that should typically be a group. 根据您要保护的内容,一种可能的选择是使用基于角色的安全性配置,但是即使那样,您仍然需要一些东西来确定角色的成员身份,并且通常应该是一个组。
Security configuration should always be based on groups rather than users, otherwise maintenance will become very painful. 安全配置应始终基于组而不是用户,否则维护将非常麻烦。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.