Bug 985296 - Mistakes in 10.7.4. Use LDAP to Authenticate to the Management Interfaces of Administration and Configuration Guide
Mistakes in 10.7.4. Use LDAP to Authenticate to the Management Interfaces of ...
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Documentation (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ER6
: EAP 6.3.0
Assigned To: David Michael
Russell Dickenson
David Michael
: Documentation
Depends On: 953861
  Show dependency treegraph
Reported: 2013-07-17 05:22 EDT by Ondrej Lukas
Modified: 2014-08-14 11:19 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Build: CSProcessor Builder Version 1.11 Build Name: 11865, Administration and Configuration Guide-6.1-4 Build Date: 12-07-2013 01:29:20 Topic ID: 8433-458770 [Specified]
Last Closed: 2014-06-28 11:28:28 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ondrej Lukas 2013-07-17 05:22:12 EDT
These mistakes were copied from https://bugzilla.redhat.com/show_bug.cgi?id=953861 because they occure in Administration and Configuration Guide too.

1) 10.7.4. Use LDAP to Authenticate to the Management Interfaces
Table 10.1
 - there shouldn't be attribute name (i.e. name is not an attribute in the model)
 - there is missing attribute "security-realm" - The security realm to reference to obtain a configured SSLContext to use when establishing the connection.

2) There is described rather the XML schema than the model in "Create an LDAP-Enabled Security Realm" section. We should avoid this, editing XML directly is AFAIK not the supported administration way. The model attributes should be described instead:
"connection" => "The name of the connection to use to connect to LDAP.",
"advanced-filter" => "The fully defined filter to be used to search for the user based on their entered user ID. The filter should contain a variable in the form {0} - this will be replaced with the username supplied by the user.",
"base-dn" => "The base distinguished name to commence the search for the user.",
"user-dn" => "The name of the attribute which is the user's distinguished name.",
"recursive" => "Whether the search should be recursive.",  default is false
"username-attribute" => "The name of the attribute to search for the user. This filter will then perform a simple search where the username entered by the user matches the attribute specified here.",
"allow-empty-passwords" => "Should empty passwords be accepted from the user being authenticated.", default is false

3) Example 10.10. Add an LDAP Security Realm
The example doesn't add security realm - there is missing first line in the sample:

4) Example 10.11 should use the realm name used before (in 10.10) - i.e. "ldap_security_realm"
Comment 1 Misty Stanley-Jones 2013-07-24 23:15:59 EDT
#1 is addressed in revision 481767 of topic 8433.

#2 has been fixed already in bug 953861.

#3 and #4 are now fixed in revision 481768 of topic 8429.

Will be set to ON_QA when the changes are available for review.
Comment 2 Misty Stanley-Jones 2013-08-29 21:45:24 EDT
Not yet updated.
Comment 11 Ondrej Lukas 2014-06-04 01:36:45 EDT
Verified on stage for 6.3 Administration and Configuration Guide in Revision 6.3.0-21.

Note You need to log in before you can comment on or make changes to this bug.