[jboss-user] [JBoss Portal] - Re: LDAP Connection error
saigon_man
do-not-reply at jboss.com
Tue Sep 25 12:07:17 EDT 2007
Hi,
Thanks for all the responses.
First, I tried the suggestions from sbozdag. When I tried to log in with admin/admin, JBoss displayed the message: "your account is disabled". When I tried to log in with jduke1/theduke, JBoss gave me the message: "this account doesn't not exist ...."
Here is my configuration:
1. I am using ApacheDS (Apache Directory Server) and using JXplorer to log in. ApacheDS doesn't allow anonymous login, so I used the username+password option:
username: uid=admin,ou=system
password: secret
2. Because ApacheDS doesn't allow anonymous login, I then changed the configuration in login-config.xml a little bit and added two lines:
| <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="sufficient">
|    <module-option name="unauthenticatedIdentity">guest</module-option>
|    <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
|    <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
|    <module-option name="additionalRole">Authenticated</module-option>
|    <module-option name="password-stacking">useFirstPass</module-option>
| </login-module>
| <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
|    <module-option name="java.naming.factory.initial">
|       com.sun.jndi.ldap.LdapCtxFactory
|    </module-option>
|    <module-option name="java.naming.provider.url">
|       ldap://localhost:10389/
|    </module-option>
|    <module-option name="java.naming.security.authentication">
|       simple
|    </module-option>
|    <module-option name="binDN">uid=admin,ou=system</module-option>
|    <module-option name="bindCredential">secret</module-option>
|    <module-option name="baseCtxDN">ou=People,o=portal</module-option>
|    <module-option name="baseFilter">(uid={0})</module-option>
|    <module-option name="rolesCtxDN">ou=Groups,o=portal</module-option>
|    <module-option name="roleFilter">(member={0})</module-option>
|    <module-option name="roleAttributeID">member</module-option>
|    <module-option name="roleRecursion">-1</module-option>
|    <module-option name="roleNameAttributeID">cn</module-option>
|    <module-option name="roleAttributeIsDN">true</module-option>
|    <module-option name="searchTimeLimit">5000</module-option>
|    <module-option name="searchScope">SUBTREE_SCOPE</module-option>
| </login-module>
|
I also added the "Authenticated" role and associated all users with this role in the server.
I think once I hit the login button, this configuration doesn't get called at all, since JBoss is not able to find the jduke1 username in the server.
I don't know if the changes (in red color) I made in this configuration are correct, or is there anything I am missing here?
I am using the portal-sample-local.ldif provided in the JBoss source.
Your help on this is greatly appreciated.
Thanks,
SGM
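
A check that can be run against a login-config.xml fragment like the one in this message, as an added example that is not part of the original post or of JBoss: JAAS hands module options to the login module as a plain map, so a name the module does not read has no effect, and this lint flags such names. The option set below is an assumed subset taken from the LdapExtLoginModule documentation, and the sample fragment and its credential value are constructed.

```python
import difflib
import xml.etree.ElementTree as ET

LDAP_EXT = "org.jboss.security.auth.spi.LdapExtLoginModule"
# Assumed subset of the option names LdapExtLoginModule reads (from its docs).
LDAP_EXT_OPTIONS = {
    "bindDN", "bindCredential", "jaasSecurityDomain", "baseCtxDN", "baseFilter",
    "rolesCtxDN", "roleFilter", "roleAttributeID", "roleAttributeIsDN",
    "roleNameAttributeID", "roleRecursion", "searchTimeLimit", "searchScope",
    "allowEmptyPasswords", "password-stacking", "unauthenticatedIdentity",
}

def _ldap_option_names(xml_text):
    """Yield every module-option name set on an LdapExtLoginModule entry."""
    for module in ET.fromstring(xml_text).iter("login-module"):
        if module.get("code") == LDAP_EXT:
            for opt in module.iter("module-option"):
                yield (opt.get("name") or "").strip()

def unknown_options(xml_text):
    """Return (name, closest known name or None) for unrecognized options."""
    findings = []
    for name in _ldap_option_names(xml_text):
        # java.naming.* entries are passed through to the JNDI environment.
        if name.startswith("java.naming.") or name in LDAP_EXT_OPTIONS:
            continue
        close = difflib.get_close_matches(name, LDAP_EXT_OPTIONS, n=1, cutoff=0.8)
        findings.append((name, close[0] if close else None))
    return findings

def missing_bind_settings(xml_text, needed=("bindDN", "bindCredential")):
    """Bind options absent by exact name; matters when anonymous bind is refused."""
    present = set(_ldap_option_names(xml_text))
    return [n for n in needed if n not in present]

# Constructed fragment modelled on the configuration quoted in the message.
SAMPLE = """
<authentication>
  <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
    <module-option name="java.naming.provider.url">ldap://localhost:10389/</module-option>
    <module-option name="binDN">uid=admin,ou=system</module-option>
    <module-option name="bindCredential">CONSTRUCTED-VALUE</module-option>
    <module-option name="baseCtxDN">ou=People,o=portal</module-option>
    <module-option name="baseFilter">(uid={0})</module-option>
  </login-module>
</authentication>
"""

if __name__ == "__main__":
    print("unknown:", unknown_options(SAMPLE))
    print("missing:", missing_bind_settings(SAMPLE))
```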