[jboss-user] [Security & JAAS/JBoss] - Re: Cannot authenticate using LdapExtLoginModule against AD
zzzz8
do-not-reply at jboss.com
Sat Nov 18 18:42:00 EST 2006
I found the problem - and it took quite a while to solve because the exception stack traces weren't very helpful...
It seems if one uses a JBoss URL or directory property in properties service (in this case, to specify the trust store) - and if the property contains spaces (e.g. C:\Program Files\JBoss4.0.5.GA), then the directory location will NOT be resolved correctly. I tested this on my Windows machine (Windows XP) and confirmed this problem.
For example, in my properties-service.xml file, the following doesn't work because the resolved path is c:\program files\jboss-4.0.5.GA\server\default\deploy\conf:
<attribute name="Properties">
| javax.net.ssl.trustStore=${jboss.server.home.dir}/conf/my.truststore
| javax.net.ssl.trustStorePassword=mytruststorepassword
| javax.net.ssl.keyStore=.${jboss.server.home.dir}/conf/my.keystore
| javax.net.ssl.keyStorePassword=mykeystorepassword
| </attribute>
So one has to use a relative path in this case (which doesn't contain any spaces):
<attribute name="Properties">
| javax.net.ssl.trustStore=../server/default/conf/my.truststore
| javax.net.ssl.trustStorePassword=mytruststorepassword
| javax.net.ssl.keyStore=../server/default/conf/my.keystore
| javax.net.ssl.keyStorePassword=mykeystorepassword
| </attribute>
It would be nice if this was documented somewhere... I'm not sure if it's a JBoss' issue or a Sun SSL issue of how it handles spaces in directories (most likely Sun since I've used JBoss' properties elsewhere with no problems).
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3987114#3987114
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3987114
More information about the jboss-user
mailing list