Hi!
Following this (and this) I tested using this example Docker image against Rundeck 4.4.0 and it works with a regular config:
To run the test LDAP STARTTLS container:
docker run --rm -p 10389:10389 -p 10636:10636 rroemhild/test-openldap
The Rundeck jaas-ldaps.conf
file: content
ldaps {
com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule required
# Connection section
debug="true"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
# just for testing: I added the planetexpress.com name to /etc/hosts local file.
providerUrl="ldaps://planetexpress.com:10636"
bindDn="cn=admin,dc=planetexpress,dc=com"
bindPassword="GoodNewsEveryone"
authenticationMethod="simple"
forceBindingLogin="true"
# Users section
userBaseDn="ou=people,dc=planetexpress,dc=com"
userRdnAttribute="uid"
userIdAttribute="uid"
userPasswordAttribute="userPassword"
userObjectClass="inetOrgPerson"
userLastNameAttribute="sn"
userFirstNameAttribute="givenName"
userEmailAttribute="mail"
# Roles section
# I added a "rdeck_roles" posixGroup on LDAP server using Apache Directory Studio
# and then I added some users on that group :-)
roleBaseDn="cn=rdeck_roles,dc=planetexpress,dc=com"
roleNameAttribute="cn"
roleUsernameMemberAttribute="memberUid"
roleMemberAttribute="memberUid"
roleObjectClass="posixGroup"
cacheDurationMillis="300000"
supplementalRoles="user"
reportStatistics="true"
timeoutRead="10000"
timeoutConnect="20000"
nestedGroups="false";
};
A war launcher (My test envioroment is under Rundeck SSL, take a look):
#!/bin/bash
# rundeck version
version=rundeck-4.4.0-20220714.war
path="/path/to/my/rundeck/war/server/config"
min=1024m
max=2048m
# rundeck ssl + ldaps starttls test docker container
java -server -Xms$min -Xmx$max -Drundeck.jaaslogin=true -Dloginmodule.conf.name=jaas-ldaps.conf -Dloginmodule.name=ldaps -Drundeck.ssl.config=$path/ssl.properties -jar $version
Regards!
--
You received this message because you are subscribed to the Google Groups "rundeck-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rundeck-discu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rundeck-discuss/73d7545d-fef1-4ca3-86bc-807462bfd9f2n%40googlegroups.com.