To Get OLAC & Auth Header to work
Novell Cool Solutions: Feature
|
Digg This -
Slashdot This
Posted: 27 Sep 2001 |
Requirements
- Integrated ICS 10-16-00b (debug)
- IChain Authorization 5.17
- IChain Community Services 5.17
- The patch nlms
Instructions to Copy Files
- Copy nile.nlm and nwutil.nlm to c:\nwserver or d:\nwserver (depending on which is your local drive's DOS primary partition)
- Copy the remaining (including nwutil.nlm) to sys:system of the ICS box.
- Edit the Appstart.ncf and the oac.properties as given below:
Appstart.ncf
Contents of the sys:system\AppStart.ncf file
(Note: Add oacjava line after Load java):
load capatch
load nwutil
EDGXSTRT.NCF
LOAD regjni
CAAIOCFG.NCF
LOAD JAVA
oacjava
load nbmalert
load brdsrv /noload
load aclcheck /d2 /f10 /c10
load authchk
load proxycfg
load ldapsdk
load ldapssl
load pkiapi
load radchk
load zlib
load proxy
load caconfig
load persist
load inet
load picsimp
load acfilter
load acfjni
load blockjni
unload updscr
load setsrvip
load cert
b
mmspass 1755
load icscon
java -neh -ns com.novell.appliance.server.ServerApplication
oac.properties
Contents of sys:ichain\oac\oac.properties file
(Note: Enter the Fully Distinguished Name with comma for ISO objects, Admin user; ip address of the Access Control LDAP Server, admin user's password should be filled up):
[OAC]
Initial Context Factory = com.sun.jndi.ldap.LdapCtxFactory
ISO Object Name = cn=iso,o=novell
Provider URL = ldap://10.10.0.1:389/
Security Principal = cn=admin,o=novell
Security Credentials = admin
Security Authentication = simple
Refresh Time = 60
[LDAP Processor]
Initial Context Factory = com.sun.jndi.ldap.LdapCtxFactory
Provider URL = ldap://10.10.0.1:389/
Security Principal = cn=admin,o=novell
Security Credentials = admin
Security Authentication = simple
Class Name = com.novell.ichain.oac.ldap.ParamListBuilder
[iChain Processor]
Initial Context Factory = com.sun.jndi.ldap.LdapCtxFactory
Provider URL = ldap://10.10.0.1:389/
Security Principal = cn=admin,o=novell
Security Credentials = admin
Security Authentication = simple
Class Name = com.novell.ichain.oac.community.ParamListBuilder
Test Cases Used for Testing OLAC & Auth Header
Case I
With OLAC Attributes set in ConsoleOne (running the iChain Snap-ins). Select Properties of ISO Object_Protected Resource and after selecting the Protected Resource and click on the first button on the left (before the create and delete buttons).
|
Name: |
Name |
Member |
|
DataSource: |
ldap |
ichain |
|
Value |
cn |
Communities |
Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:
Basic (shows in Base64 encoding cn=u1,o=novell:u1)
username:cn=u1,o=novell
password:u1
Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html
Name : u1
Member : ou=C-Top,o=novell
Case II
With OLAC Attributes
|
Name: |
Name |
Member |
ICHAIN_UID |
|
DataSource: |
ldap |
ichain |
ldap |
|
Value |
cn |
Communities |
cn |
Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:
Basic (shows in Base64 encoding cn=u1,o=novell:u1)
username:cn=u1,o=novell
password:u1
Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html
(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)
Name : u1
Member : ou=C-Top,o=novell
ICHAIN_UID:u1
Case III
With OLAC Attributes
|
Name: |
Name |
Member |
ICHAIN_PWD |
|
DataSource: |
ldap |
ichain |
ldap |
|
Value |
cn |
Communities |
cn |
Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:
Basic (shows in Base64 encoding cn=u1,o=novell:u1)
username:cn=u1,o=novell
password:u1
Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html
(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)
Name : u1
Member : ou=C-Top,o=novell
ICHAIN_PWD:u1
Case IV
With OLAC Attributes
|
Name: |
Name |
Member |
ICHAIN_UID |
ICHAIN_PWD |
|
DataSource: |
ldap |
ichain |
ldap |
ldap |
|
Value |
cn |
Communities |
cn |
cn |
Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:
Basic (shows in Base64 encoding u1:u1)
username:u1
password:u1
Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html
(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)
Name : u1
Member : ou=C-Top,o=novell
ICHAIN_UID:u1
ICHAIN_PWD:u1
Case V
With OLAC Attributes
|
Name: |
Name |
Member |
ICHAIN_PWD |
ICHAIN_UID |
|
DataSource: |
ldap |
ichain |
ldap |
ldap |
|
Value |
cn |
Communities |
cn |
cn |
Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:
Basic (shows in Base64 encoding u1:u1)
username:u1
password:u1
Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html
(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)
Name : u1
Member : ou=C-Top,o=novell
ICHAIN_UID:u1
ICHAIN_PWD:u1
Case VI
With OLAC Attributes
|
Name: |
Name |
Member |
ICHAIN _PWD |
ICHAIN _UID |
SName |
|
|
Data Source: |
Ldap |
ichain |
ldap |
ldap |
Ldap |
Ldap |
|
Value |
cn |
Commun- ities |
cn |
cn |
sn |
|
Using AuthHeaderServlet (sys:java\servlets) program by pointing browser to URL:http://captest.sjf.novell.com/servlet/AuthHeaderServlet the following was the output:
Basic (shows in Base64 encoding u1:u1)
username:u1
password:u1
Using Query.html (sys:novonyx\suitespot\docs\iSampleUI\)by pointing browser to URL:http://captest.sjf.novell.com/iChain/query.html
(Note: You may have to login to the webserver at the dialog box using the full DN with dots.)
Name : u1
Member : ou=C-Top,o=novell
ICHAIN_UID:u1
ICHAIN_PWD:u1
Sname:user1
E-mail:u1@novell.com
Note: The values of ICHAIN_UID and ICHAIN_PWD should not be coming in the query.html in a normal situation. This may be fixed later on.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com