Novell Home

To Get OLAC & Auth Header to work

Novell Cool Solutions: Feature

Digg This - Slashdot This

Posted: 27 Sep 2001
 

Requirements

  • Integrated ICS 10-16-00b (debug)
  • IChain Authorization 5.17
  • IChain Community Services 5.17
  • The patch nlms

Instructions to Copy Files

  1. Copy nile.nlm and nwutil.nlm to c:\nwserver or d:\nwserver (depending on which is your local drive's DOS primary partition)
  2. Copy the remaining (including nwutil.nlm) to sys:system of the ICS box.
  3. Edit the Appstart.ncf and the oac.properties as given below:

Appstart.ncf

Contents of the sys:system\AppStart.ncf file
(Note: Add oacjava line after Load java):

load capatch
load nwutil
EDGXSTRT.NCF
LOAD regjni
CAAIOCFG.NCF
LOAD JAVA
oacjava
load nbmalert
load brdsrv /noload
load aclcheck /d2 /f10 /c10
load authchk
load proxycfg
load ldapsdk
load ldapssl
load pkiapi
load radchk
load zlib
load proxy
load caconfig
load persist
load inet
load picsimp
load acfilter
load acfjni
load blockjni
unload updscr
load setsrvip
load cert
b mmspass 1755
load icscon
java -neh -ns com.novell.appliance.server.ServerApplication

oac.properties

Contents of sys:ichain\oac\oac.properties file
(Note: Enter the Fully Distinguished Name with comma for ISO objects, Admin user; ip address of the Access Control LDAP Server, admin user's password should be filled up):

[OAC]
Initial Context Factory = com.sun.jndi.ldap.LdapCtxFactory
ISO Object Name = cn=iso,o=novell
Provider URL = ldap://10.10.0.1:389/
Security Principal = cn=admin,o=novell
Security Credentials = admin
Security Authentication = simple
Refresh Time = 60

[LDAP Processor]
Initial Context Factory = com.sun.jndi.ldap.LdapCtxFactory
Provider URL = ldap://10.10.0.1:389/
Security Principal = cn=admin,o=novell
Security Credentials = admin
Security Authentication = simple
Class Name = com.novell.ichain.oac.ldap.ParamListBuilder

[iChain Processor]
Initial Context Factory = com.sun.jndi.ldap.LdapCtxFactory
Provider URL = ldap://10.10.0.1:389/
Security Principal = cn=admin,o=novell
Security Credentials = admin
Security Authentication = simple
Class Name = com.novell.ichain.oac.community.ParamListBuilder

Test Cases Used for Testing OLAC & Auth Header

Case I

With OLAC Attributes set in ConsoleOne (running the iChain Snap-ins). Select Properties of ISO Object_Protected Resource and after selecting the Protected Resource and click on the first button on the left (before the create and delete buttons).

Name:

Name

Member

DataSource:

ldap

ichain

Value

cn

Communities

Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:

Basic (shows in Base64 encoding cn=u1,o=novell:u1)
username:cn=u1,o=novell
password:u1

Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html

Name : u1
Member : ou=C-Top,o=novell

Case II

With OLAC Attributes

Name:

Name

Member

ICHAIN_UID

DataSource:

ldap

ichain

ldap

Value

cn

Communities

cn

Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:

Basic (shows in Base64 encoding cn=u1,o=novell:u1)
username:cn=u1,o=novell
password:u1

Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html

(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)

Name : u1
Member : ou=C-Top,o=novell
ICHAIN_UID:u1

Case III

With OLAC Attributes

Name:

Name

Member

ICHAIN_PWD

DataSource:

ldap

ichain

ldap

Value

cn

Communities

cn

Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:

Basic (shows in Base64 encoding cn=u1,o=novell:u1)
username:cn=u1,o=novell
password:u1

Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html

(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)

Name : u1
Member : ou=C-Top,o=novell
ICHAIN_PWD:u1

Case IV

With OLAC Attributes

Name:

Name

Member

ICHAIN_UID

ICHAIN_PWD

DataSource:

ldap

ichain

ldap

ldap

Value

cn

Communities

cn

cn

Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:

Basic (shows in Base64 encoding u1:u1)
username:u1
password:u1

Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html

(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)

Name : u1
Member : ou=C-Top,o=novell
ICHAIN_UID:u1
ICHAIN_PWD:u1

Case V

With OLAC Attributes

Name:

Name

Member

ICHAIN_PWD

ICHAIN_UID

DataSource:

ldap

ichain

ldap

ldap

Value

cn

Communities

cn

cn

Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:

Basic (shows in Base64 encoding u1:u1)
username:u1
password:u1

Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html

(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)

Name : u1
Member : ou=C-Top,o=novell
ICHAIN_UID:u1
ICHAIN_PWD:u1

Case VI

With OLAC Attributes

Name:

Name

Member

ICHAIN _PWD

ICHAIN _UID

SName

E-mail

Data Source:

Ldap

ichain

ldap

ldap

Ldap

Ldap

Value

cn

Commun- ities

cn

cn

sn

mail

Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:

Basic (shows in Base64 encoding u1:u1)
username:u1
password:u1

Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html

(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)

Name : u1
Member : ou=C-Top,o=novell
ICHAIN_UID:u1
ICHAIN_PWD:u1
Sname:user1
E-mail:u1@novell.com

Note: The values of ICHAIN_UID and ICHAIN_PWD should not be coming in the query.html in a normal situation. This may be fixed later on.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell