[jboss-user] [EJB 3.0] New message: "problem with LdapLoginModule"

Stefan Henz do-not-reply at jboss.com
Fri Mar 12 20:05:52 EST 2010


User development,

A new message was posted in the thread "problem with LdapLoginModule":

http://community.jboss.org/message/531775#531775

Author  : Stefan Henz
Profile : http://community.jboss.org/people/shenz

Message:
--------------------------------------------------------------
Hi,
 
I have the following problem with the LdapLoginModule (the same with the LdapExtLoginModule, which I've tried too):
even though I've configured the LdapLoginModule in the login-config.xml, when typing the username and the password in the loginPanel, i.e. when entering the URL
 
http://localhost:8080/myWebApp/web
or
https://localhost:8443/myWebApp/web
 
where WebApp is an EJB project packed in an ear file "WebApp.ear"
 
(an HTTPS connector is enabled, and a redirect from HTTP port 8080 to the secure HTTPS port is enabled in the server.xml) on my computer,
 
I always get the following error message:
 
:38:42,107 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files
java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
        at org.jboss.security.auth.spi.Util.loadProperties(Util.java:198)
        at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
        at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
        at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
 
 
...
 
I don't understand why a user.properties file is searched for.
 
The corresponding snippet of the login-config.xml looks like:
 
<policy>
...
  <application-policy name="myWebApp">
    <authentication>
      <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
        <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
        <module-option name="java.naming.provider.url">ldap://ldap.local/</module-option>
        <module-option name="java.naming.security.protocol">ssl</module-option>
        <module-option name="java.naming.security.authentication">simple</module-option>
        <!-- the username is given in "uid", not in "cn", i.e.
             on the command line you type "ldapsearch -x uid=username" in order to get the user information -->
        <module-option name="principalDNPrefix">uid=</module-option>
        <!-- principalDNSuffix has to be empty because it looks like
             ou=<department>, ou=users, dc=domainPart1, dc=domainPart2 -->
        <module-option name="principalDNSuffix"></module-option>
        <module-option name="uidAttributeID">member</module-option>
        <!-- all roles could be empty because in our LDAP server no roles are defined -->
        <module-option name="rolesCtxDN"></module-option>
        <module-option name="uidAttributeID">member</module-option>
        <module-option name="roleAttributeID">uid</module-option>
        <module-option name="roleAttributeIsDN">false</module-option>
        <module-option name="searchTimeLimit">5000</module-option>
        <module-option name="searchScope">SUBTREE_SCOPE</module-option>
        <module-option name="allowEmptyPasswords">false</module-option>
        <module-option name="debug">true</module-option>
      </login-module>
    </authentication>
  </application-policy>
</policy>
 
 
 
The content of the jboss.xml is:
<?xml version="1.0" encoding="UTF-8"?>
<jboss>
   <security-domain>myWebApp</security-domain>
</jboss>
 
The jboss-web.xml has the content:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC
    "-//JBoss//DTD Web Application 5.0//EN"
    "http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd">
<jboss-web>
   <security-domain>java:/jaas/myWebApp</security-domain>
   <context-root>/myWebApp</context-root>
</jboss-web>
 
 
And the web.xml is:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns="http://java.sun.com/xml/ns/javaee"
   xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
   xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
   <display-name>JAAS</display-name>
   <security-constraint>
      <display-name>myWebApp</display-name>
      <web-resource-collection>
         <web-resource-name>instituteKurz</web-resource-name>
         <url-pattern>/*</url-pattern>
         <http-method>GET</http-method>
         <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
         <role-name>*</role-name>
      </auth-constraint>
      <user-data-constraint>
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
   </security-constraint>
   <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>myWebApp</realm-name>
   </login-config>
</web-app>
 
Can any of you help me, maybe?
 
Thx,
Jim

--------------------------------------------------------------
