[jboss-user] [Security & JAAS/JBoss] - Re: writing new LoginModul - unable to replace Principal ??
patwary_shiva
do-not-reply at jboss.com
Tue Oct 9 16:26:32 EDT 2007
I am getting Bad password for username=admin
Below is the stack trace of the exception :
authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.ClientLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:[1]
LoginModule Class: org.imixs.jboss.security.LdapLoginModuleExt
ControlFlag: LoginModuleControlFlag: required
Options:name=RoleSeachContext, value=ou=Groups, dc=axeda, dc=com
name=java.naming.security.principal, value=uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
name=LoginNameSearch, value=(&(uid={0})(objectclass=person))
name=java.naming.factory.initial, value=com.sun.jndi.ldap.LdapCtxFactory
name=java.naming.security.credentials, value=admin
name=roleNameAttributeID, value=cn
name=roleFilter, value=(&(cn={0})(objectclass=groupofUniqueNames))]]</module-option>
<module-option name="baseFilter"><![CDATA[(&(uid={0})(objectclass=person))
name=java.naming.security.authentication, value=simple
name=java.naming.provider.url, value=ldap://leda.axeda.com:389/
name=roleAttributeID, value=cn
name=RoleSearch, value=(&(cn={0})(objectclass=groupofUniqueNames))
name=LoginNameSeachContext, value=ou=People, dc=axeda, dc=com
name=uidAttributeID, value=uniqueMember
name=LoginNameToCompositeName, value=true
name=roleAttributeIsDN, value=false
2007-10-09 16:19:42,694 TRACE [org.jboss.security.ClientLoginModule] Security domain: servicelinkdomain
2007-10-09 16:19:42,694 TRACE [org.jboss.security.ClientLoginModule] Enabling restore-login-identity mode
2007-10-09 16:19:42,694 TRACE [org.jboss.security.ClientLoginModule] Begin login
2007-10-09 16:19:42,694 TRACE [org.jboss.security.ClientLoginModule] Obtained login: admin, credential.class: [C
2007-10-09 16:19:42,694 TRACE [org.jboss.security.ClientLoginModule] End login
2007-10-09 16:19:42,725 DEBUG [org.imixs.jboss.security.LdapLoginModuleExt] Bad password for username=admin
2007-10-09 16:19:42,725 TRACE [org.jboss.security.ClientLoginModule] abort
2007-10-09 16:19:42,725 TRACE [org.jboss.security.SecurityAssociation] clear, server=true
2007-10-09 16:19:42,725 TRACE [org.jboss.security.plugins.JaasSecurityManager.servicelinkdomain] Login failure
javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:595)
2007-10-09 16:19:42,725 TRACE [org.jboss.security.plugins.JaasSecurityManager.servicelinkdomain] End isValid, false
below is the configuration:
<login-module code="org.jboss.security.ClientLoginModule" flag="required"/>
<login-module code="org.imixs.jboss.security.LdapLoginModuleExt" flag="required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.provider.url">ldap://sample.sample.sample:389/</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="searchTimeLimit">5000</module-option>
<!-- searchScope is neccesary for Domino SUBTREE_SCOPE -->
<module-option name="searchScope"></module-option>
<!-- Params for Distinguished Name Search -->
<module-option name="LoginNameToCompositeName">false</module-option>
<module-option name="LoginNameSeachContext">ou=People, dc=axeda, dc=com</module-option>
<module-option name="LoginNameSearch"><![CDATA[(&(uid={0})(objectclass=person))]]></module-option>
<!-- Params for Role Search -->
<module-option name="roleAttributeID">cn</module-option>
<module-option name="RoleSeachContext">ou=Groups, dc=axeda, dc=com</module-option>
<module-option name="RoleSearch"><![CDATA[(&(cn={0})(objectclass=groupofUniqueNames))]]></module-option>
<!-- Principal und Credentials for ldap lookups -->
<module-option name="java.naming.security.principal">uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot</module-option>
<module-option name="java.naming.security.credentials">sample</module-option>
</login-module>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4093201#4093201
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4093201
More information about the jboss-user
mailing list