I am trying to search but couldn't find an answer to it.
I recorded a few http calls for mocking external services but not sure if I can record and use ldap call with wiremock. I am using spring ldap template to connect to ldap (org.springframework.ldap.core.LdapTemplate).
Related
I'm trying to create a self-hosted app. This app would provide a custom express server with some routes and also provides a CouchDB access using pouchdb-server. I would like the node server to be able to configure the database and create the admin username/password, and then create the roles functions. How can I configure CouchDB from my nodejs app?
I would like to:
Stop admin party and create an admin with a password. I found that the web client makes a PUT request to http://localhost:5984/_node/couchdb#localhost/_config/admins/<username> with password in payload, but I would like to do it using express-pouchdb, so HTTP is not possible
Create users roles I would like to set up several roles
Set up permissions which roles can update which databases, what databases are readable by who etc...
Please note that I can't do direct http requests to CouchDB, since I'm using pouch-db-express in my node app to serve the db to the client, and I would like my express app to configure the couchDB instance managed by pouchdb-express
Stop admin party and create an admin with a password
I'm pretty sure the only way to interact with the _config endpoint is with HTTP, as I see no config plugin on the plugins page. Even if there was a plugin, it would use HTTP. Is there some reason HTTP is actually not possible? Or you just don't want to use it?
Create users roles
The PouchDB authentication plugin can do this for you.
Set up permissions
The authentication plugin also gives you access to the _security endpoint for this. Then you'll also need to create the appropriate design documents, using the standard put() API.
I was trying to setup LDAP auth in Presto and was able to configure "user-based" authentication but have some issue with configuring "group-based" auth.
I'm always receiving message that my user is not in LDAP group while ldapsearch utility shows that I'm in.
I did not found any parameter/option in config.properties to use to pass user/password for LDAP search (I suppose that functionality used to find in user is in AD group) while in our infrastructure anonymous searches are restricted. So it might be the case.
It would be nice if someone will tell me:
are there any parameter (maybe undocumented) to provide user/password
to query ldap?
any workaround to implement "group-based" search?
thanks
Using the IBM SBT, one can easily register and endpoint to connect to IBM Connections Cloud. That way it is easily possible to access the APIs provided by IBM Connections using a local URL that is then proxied to the cloud.
Usage can be done using the provided JavaScript or by just requesting a resource from the locally provided endpoint that is connected to the cloud. While this appears to be working for the vast majority of the documented APIs, it does not for the OEmbed API.
Example: If you have a local Java App Container (like IBM Websphere Liberty Profile) that is running a testapp and has a configured endpoint to your Connections Cloud Organization, you may ask that endpoint to retrieve the users profile service document by requesting: https://localhost/testapp/service/proxy/localhost/profiles/atom/profileService.do.This will retrieve the very same resource as you would receive if you request https://apps.na.collabserv.com/profiles/atom/profileService.do directly.
Other APIs work similarly. Unfortunately the OEmbed API does not. That means, if one would request https://apps.na.collabserv.com/connections/opengraph/form/anonymous/api/oembed?maxHeight=180&maxWidth=180&extended=true&url=http%3A%2F%2Fwww.ibm.com the server returns some JSON as described in the spec. In the same seting as above, a call to https://localhost/testapp/service/proxy/localhost/connections/opengraph/form/anonymous/api/oembed?url=http%3A%2F%2Fwww.ibm.com&maxHeight=180&maxWidth=180&extended=true should return the same result but isn't. Instead the server returns an Error 403: SRVE0295E: Error reported: 403 with a HTTP Status 403.
The response is by the way the same result as one would get if he was trying to use the direct URL unauthenticated against the cloud.
Is there anything that needs to be configured in order to use the OEmbed service via SBT?
I want to configure a WSO2 identity server as security repository for my WSO2 application server. I've read the application server online documentation but I didn't find any reference to this configuration.
Is there any tutorial?
Simple Scenario : I have a Web app configured to use Basic Auth in the web.xml file , and i want to use wso2is as the user store for authentication and authorization.
It is possible to use web service API to integrate with WSO2 Identity Server. WSO2 IS has user-mgt,entitlement APIs.For any user-mgt action and check authorization action, we can call these APIs from any product. Sorry I couldn't find any tutorial describing this.
Hope following blog post may helpful to you at some point, as it is recommend you to have external LDAP user store. It describes how to connect external LDAP with WSO2 Identity Server.
http://blog.facilelogin.com/2009/06/connecting-wso2-identity-server-20-to.html
Do you want to use the Identity Server for authentication?
Or do you just need a user store?
Or do you need a Token-Service to secure the communication between App-Server and Web-Services?
It is not clear what exactly you want to use th Identity server for. In JBoss for example you also can use authentication with an LDAP, thus you wouldn't need the Identity Server.
I am trying to establish a connection to a ldap in gwt. Thanks to a former post
( GWT JDBC LDAP connection fails ) I was able to at least contact that server. However, even though I put in the correct cn/uid and password the access is denied. I get following exception:
java.security.AccessControlException: access denied (java.net.SocketPermission IP:PORT connect,resolve)
I know that my login name and password are correct because I was able to access the ldap via JXplorer and checked it. Could App Engine be the problem? And if so, how can I test my application when using App Engine is disabled?
Thanks in advance
you mentioned that you are developing for app engine.
On app engine you are not allowed to open a socket by yourself (your exception occurs because of this restriction.) If you want to setup a connection to your ldap you have to wrap your ldap call as HTTP and use it with the url fetch service. If the ldap is inside your company you can use google secure data connector to have a https connection from app engine to your internal network.
If you are developing for app engine, i dont think you can connect to LDAP or JDBC or anything TCP/IP, apart from what app engine offers as API.
LDAP requires sockets (TCP port 389) and AppEngine does not support sockets.