[jboss-user] [Security & JAAS/JBoss] - LdapExtLoginModule, DatabaseServerLoginModule and password-s

braca do-not-reply at jboss.com
Thu Jan 22 08:37:48 EST 2009 

Hi,

I want to use LdapExtLoginModule for authenticating users and DatabaseServerLoginModule for retrieving roles. However, it doesn't work. I can't even login/authenticate. Without the Database-Module and getting some sample roles out of ldap is working. So what's wrong? Here's my login-config.xml:



  | <application-policy name = "jmx-console">
  | <authentication>
  | <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
  | 	<module-option name="password-stacking">useFirstPass</module-option>
  | 	<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
  | 	<module-option name="java.naming.provider.url">ldaps://10.31.4.4:636</module-option>
  | 	<module-option name="bindDN">cn=Test,ou=User</module-option> 
  | 	<module-option name="bindCredential">xxx</module-option>
  | 	<module-option name="baseCtxDN">ou=sample,o=orga</module-option>
  | 	<module-option name="baseFilter"><![CDATA[(&(cn={0})(objectClass=inetOrgPerson))]]></module-option>
  | 	<module-option name="searchTimeLimit">5000</module-option>
  | 	<module-option name="searchScope">SUBTREE_SCOPE</module-option>
  | </login-module>
  | <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
  | 	<module-option name="password-stacking">useFirstPass</module-option>
  | 	<module-option name = "dsJndiName">java:InformixDS</module-option>
  | 	<module-option name = "rolesQuery">
  | 	SELECT a.name, 'Roles'  \                                                     
  | 	FROM b_rolle a                      \                                
  | 	INNER JOIN b_benrolleorga b  \                                         
  | 	ON a.id = b.x_rolle_id                  \                            
  | 	WHERE (a.gueltigbis IS NULL OR a.gueltigbis ='' OR a.gueltigbis >= TODAY ) \	AND                                                                  \
  | 	user=?                                       	
  | 	</module-option>
  | </login-module>
  | </authentication>
  | </application-policy>
  | 
  | Exception is:
  | 2009-01-22 14:16:30,343 DEBUG [org.jboss.security.auth.spi.LdapExtLoginModule] Bad password for username=test
  | java.lang.NullPointerException
  | 	at javax.naming.InitialContext.getURLScheme(InitialContext.java:269)
  | 	at javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:318)
  | 	at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:87)
  | 	at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267)
  | 	at org.jboss.security.auth.spi.LdapExtLoginModule.rolesSearch(LdapExtLoginModule.java:421)
  | 	at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:351)
  | 	at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:232)
  | 	at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:210)
  | 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  | 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  | 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  | 	at java.lang.reflect.Method.invoke(Method.java:597)
  | ...
  | 

Thanks for an answer
braca

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4204003#4204003

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4204003

More information about the jboss-user mailing list