[jboss-user] [JBoss Portal] - LDAP Configuration for JBoss Portal
NapSteros
do-not-reply at jboss.com
Fri Mar 27 10:44:52 EDT 2009
Hi everybody,
I'm trying to configure [jboss-portal-2.7.1] to be integrated with our LDAP, but each time I deploy the application under [jboss-4.2.3.GA] I receive an exception whose source I don't know.
I edited the [ldap_identity-config.xml] as follows:
| <identity-configuration>
| <datasources>
| <datasource>
| <name>LDAP</name>
| <!-- -->
| <service-name>portal:service=Module,type=LDAPConnectionContext</service-name>
| <class>org.jboss.portal.identity.ldap.LDAPConnectionContext</class>
| <!-- -->
| <config>
| <option>
| <name>ldap</name>
| <value>company.com</value>
| </option>
| <option>
| <name>port</name>
| <value>389</value>
| </option>
| <option>
| <name>adminDN</name>
| <value>company-eduid=123,ou=people,dc=company,dc=com</value>
| </option>
| <option>
| <name>adminPassword</name>
| <value>xxx</value>
| </option>
| </config>
| </datasource>
| </datasources>
| <!-- ------------------------------- -->
| <modules>
| <module>
| <type>User</type>
| <implementation>LDAP</implementation>
| <class>org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl</class>
| <config/>
| </module>
| <module>
| <type>Role</type>
| <implementation>LDAP</implementation>
| <class>org.jboss.portal.identity.ldap.LDAPExtRoleModuleImpl</class>
| <config/>
| </module>
| <module>
| <type>Membership</type>
| <implementation>LDAP</implementation>
| <config/>
| </module>
| <module>
| <type>UserProfile</type>
| <implementation>DELEGATING</implementation>
| <config>
| <option>
| <name>ldapModuleJNDIName</name>
| <value>java:/portal/LDAPUserProfileModule</value>
| </option>
| </config>
| </module>
| <module>
| <type>DBDelegateUserProfile</type>
| <implementation>DB</implementation>
| <config>
| <option>
| <name>randomSynchronizePassword</name>
| <value>true</value>
| </option>
| </config>
| </module>
| <module>
| <type>LDAPDelegateUserProfile</type>
| <implementation>LDAP</implementation>
| <config/>
| </module>
| </modules>
| <!-- ------------------------------- -->
| <options>
| <option-group>
| <group-name>common</group-name>
| <option>
| <name>userCtxDN</name>
| <value>ou=People,dc=company,dc=com</value>
| </option>
| <option>
| <name>userSearchFilter</name>
| <value><![CDATA[(&(sAMAccountName={0})(objectClass=company-person))]]></value>
| </option>
| <option>
| <name>roleCtxDN</name>
| <value>ou=Roles,dc=company,dc=com</value>
| </option>
| <option>
| <name>roleSearchFilter</name>
| <value><![CDATA[(&((sAMAccountName={0})(o=CompanyOraganisation)))]]></value>
| </option>
| </option-group>
| </options>
| <!-- ------------------------------- -->
| </identity-configuration>
|
|
and the [login-config.xml]:
| <policy>
| <!-- For the JCR CMS -->
| <application-policy name="cms">
| <authentication>
| <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
| </authentication>
| </application-policy>
| <application-policy name="portal">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
| <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory </module-option>
| <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory </module-option>
| <module-option name="java.naming.provider.url">ldap://company.com:389/ </module-option>
| <module-option name="java.naming.security.authentication">simple</module-option>
| <module-option name="bindDN">cn=user</module-option>
| <module-option name="bindCredential">xxx</module-option>
| <module-option name="baseCtxDN">ou=People,dc=company,dc=com</module-option>
| <module-option name="baseFilter">(uid={0})</module-option>
| <module-option name="rolesCtxDN">ou=Roles,dc=company,dc=com</module-option>
| <module-option name="roleFilter">(member={1})</module-option>
| <module-option name="roleAttributeID">cn</module-option>
| <module-option name="roleRecursion">-1</module-option>
| <module-option name="searchTimeLimit">10000</module-option>
| <module-option name="searchScope">SUBTREE_SCOPE</module-option>
| <module-option name="allowEmptyPasswords">false</module-option>
| </login-module>
| <login-module code="org.jboss.portal.identity.auth.SynchronizingLoginModule" flag="optional">
| <module-option name="synchronizeIdentity">true</module-option>
| <module-option name="synchronizeRoles">true</module-option>
| <module-option name="additionalRole">Authenticated</module-option>
| <module-option name="defaultAssignedRole">User</module-option>
| <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
| <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
| <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
| <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
| </login-module>
| </authentication>
| </application-policy>
| </policy>
|
|
But unfortunately, I receive these exceptions:
| "-- JBoss AS Log--"
|
| ERROR [ModuleServicesMetaData] Default module configuration isn't complete ModuleMetaData[type=User, implementation= LDAP, serviceName=null, className=org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl config=org.jboss.portal.identity.metadata.config.ConfigMetaData@1b22cc7]
| WARN [ServiceController] Problem starting service portal:service=Module,type=IdentityServiceController
| org.jboss.portal.identity.IdentityException: Error during processing default configuration file
|
| "-- Browser error--"
|
| HTTP Status 500 -
| type Exception report
| message
| description The server encountered an internal error () that prevented it from fulfilling this request.
| exception
| javax.servlet.ServletException: org.hibernate.HibernateException: Unable to locate current JTA transaction
| org.jboss.portal.server.servlet.PortalServlet.service(PortalServlet.java:278)
| javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
| org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| root cause
| org.hibernate.HibernateException: Unable to locate current JTA transaction
| ...
|
I'll be so grateful.
NapSteros,
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221577#4221577
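
An added example, not part of the original post: a small Python check that parses abbreviated copies of the two files shown above and flags three things visible in them (a repeated `module-option`, a simple bind over `ldap://`, and different login attributes in `baseFilter` and `userSearchFilter`). The function names are this example's own, and it does not attempt to explain the posted exception.

```python
import re
import xml.etree.ElementTree as ET

# Abbreviated copies of the two files in the post (option values as posted).
LOGIN_CONFIG = """<policy><application-policy name="portal"><authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory </module-option>
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory </module-option>
<module-option name="java.naming.provider.url">ldap://company.com:389/ </module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="baseFilter">(uid={0})</module-option>
</login-module></authentication></application-policy></policy>"""
IDENTITY_CONFIG = """<identity-configuration><options><option-group>
<option><name>userSearchFilter</name>
<value><![CDATA[(&(sAMAccountName={0})(objectClass=company-person))]]></value></option>
</option-group></options></identity-configuration>"""

def login_options(xml_text, policy="portal"):
    """Return (options, duplicated names) for the policy's first login module."""
    module = ET.fromstring(xml_text).find(
        f"./application-policy[@name='{policy}']/authentication/login-module")
    opts, dups = {}, []
    for opt in module.findall("module-option"):
        name = opt.get("name")
        if name in opts:
            dups.append(name)
        opts[name] = (opt.text or "").strip()
    return opts, dups

def login_attr(ldap_filter):
    """Attribute that the {0} (login name) placeholder is compared against."""
    match = re.search(r"\(([^()=]+)=\{0\}\)", ldap_filter)
    return match.group(1) if match else None

def audit(login_xml, identity_xml):
    opts, dups = login_options(login_xml)
    ident = {o.findtext("name"): (o.findtext("value") or "").strip()
             for o in ET.fromstring(identity_xml).iter("option")}
    findings = [f"duplicate module-option: {n}" for n in dups]
    url = opts.get("java.naming.provider.url", "")
    if url.startswith("ldap://") and opts.get("java.naming.security.authentication") == "simple":
        findings.append("simple bind over ldap:// sends passwords unencrypted")
    a, b = login_attr(opts.get("baseFilter", "")), login_attr(ident.get("userSearchFilter", ""))
    if a != b:
        findings.append(f"login attribute differs: baseFilter={a}, userSearchFilter={b}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(LOGIN_CONFIG, IDENTITY_CONFIG)))
```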