Jetty combined ldap

[rooty0]

Before applying this, please see #94 and #96 as these fixes were merged to this feature branch (JettyCombinedLdap).

---

Since Rundeck 2.5 there is a new very useful feature: LDAP "shared authentication credentials".
see http://rundeck.org/docs/administration/authenticating-users.html#ldap for more details.

This pull request provides puppet's implementation of that feature

to activate this feature $auth_types should be assigned as

• ldap_shared

or

• active_directory_shared

That means that rundeck will authenticate user with LDAP (or AD) and will perform authorization with FileLoginModule (realm file) to assign provided roles

• http://rundeck.org/docs/administration/authenticating-users.html#jettyrolepropertyfileloginmodule

[rooty0]

hey @liamjbennett
Just wondering.
Do you need a help on this? Do you want me to fix something?
You need to revert only this change: https://github.com/rooty0/puppet-rundeck/commit/e2a4f4fe969029980e7be5ab6dc9c80281728d06

These changes are tested and they are works without any issues.

I using this in production at my work.

[jyaworski]

Hello:

Not an owner of the repo, but can you resolve the conflicts in this PR? This also serves as a reminder to the owners.

[rooty0]

@liamjbennett c'mon, let's merge it :)
it is really useful feature, I use this module including these changes in production since June.

#94 was removed from this branch

[nibalizer]

@rooty0 as @jyaworski commented, can you squash please?

[nibalizer]

Looking at the change this looks fine. Happy to merge when it gets squashed.

[rooty0]

I'll try, didn't do squash before :)

[rooty0]

@nibalizer, I think I did it. Do you want me to change commit message?

[nibalizer]

@rooty0 yes please can you rewrite the commit message to be one description of the complete change. Sorry to nitpick on procedure here.

[rooty0]

@nibalizer it's ok, commit message fixed. Let me know if I need to fix something else. Thanks

[igalic]

do all of these conditions have to be met for it to become true?

[rooty0]

@igalic sorry, I'm afraid I don't understand your question. We need to deploy realm file when "file" or/and "ldap_shared" or/and "active_directory_shared" in use . In case of "shared" approach, we still use realm file for authorization procedure.

[igalic]

that's exactly what i was asking, @rooty0.

i was just trying to think of a more puppety way of structuring that logic.