Hi All,
I have been working with JBPM 5.2 for quite sometime and currently started with 5.3. I had explored a link ( http://mswiderski.blogspot.in/2012/05/jbpm-53-brings-ldap-into-picture.html ) which tells that JBPM 5.3 can be integerated with LDAP .I had gone through the link and also explored the JBOSS AS 7 document for configuring with LDAP.I am trying to integerate JBPM 5.3 with Microsoft Active Directory, however I am facing some problems. As mentioned in the document I had configured my standalone.xml with the following :
<security-domain name="jbpm-console" cache-type="default">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url" value="ldap://IPAddress:389"/>
<module-option name="java.naming.security.authentication" value="simple"/>
<module-option name="bindDN" value="CN=Sachin Chandra,CN=Users,DC=performixpune,DC=com"/>
<module-option name="bindCredential" value="myuser345"/>
<module-option name="baseDN" value="CN=Users,DC=performixpune,DC=com"/>
<module-option name="baseFilter" value="(sAMAccountName={0})"/>
<module-option name="rolesCtxDN" value="CN=Users,DC=performixpune,DC=com"/>
<module-option name="roleAttributeID" value="memberOf"/>
<module-option name="roleAttributeIsDN" value="true"/>
<module-option name="roleFilter" value="(member={1})"/>
<module-option name="searchScope" value="SUBTREE_SCOPE"/>
<module-option name="throwValidateError" value="true"/>
<module-option name="allowEmptyPasswords" value="true"/>
</login-module>
</authentication>
</security-domain>
My Active directory ldif file is somewhat like given below ----- :
dn: CN=Sachin Chandra,CN=Users,DC=performixpune,DC=com
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Sachin Chandra
sn: Chandra
givenName: Sachin
distinguishedName: CN=Sachin Chandra,CN=Users,DC=performixpune,DC=com
instanceType: 4
whenCreated: 20120711110150.0Z
whenChanged: 20120711110209.0Z
displayName: Sachin Chandra
uSNCreated: 163824
uSNChanged: 163830
name: Sachin Chandra
objectGUID:: BNoV31Y1eE6kBwd2Bks64w==
userAccountControl: 66048
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 129870781036451250
lastLogoff: 0
lastLogon: 129870781158638750
pwdLastSet: 129864781106588750
primaryGroupID: 513
objectSid:: AQUAAAAAAAUVAAAAVIqQajNW1nCni/tpyAQAAA==
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: sachinc
sAMAccountType: 805306368
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=performixpune,DC=com
dSCorePropagationData: 16010101000000.0Z
I am able to start my server without any problems.My ear files are getting deployed but I am not able to login into my JBPM console .My server log shows the following error -------
13:01:18,842 INFO [solder-servlet] (MSC service thread 1-1) Catch Integration for Servlets enabled
13:01:18,877 INFO [org.jboss.web] (MSC service thread 1-1) registering web context: /drools-guvnor
13:01:19,052 INFO [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "jbpm-human-task-war.war"
13:01:19,052 INFO [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "jbpm-gwt-console.war"
13:01:19,053 INFO [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "jbpm-gwt-console-server.war"
13:01:19,053 INFO [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "jbpm-form-builder.war"
13:01:19,053 INFO [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "drools-guvnor.war"
13:01:19,053 INFO [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "designer.war"
13:02:53,430 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-localhost-127.0.0.1-8080-2) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252) [picketbox-4.0.1.jar:4.0.1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_24]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_24]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_24]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_24]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [:1.6.0_24]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_24]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_24]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_24]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_24]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_24]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411) [picketbox-infinispan-4.0.1.jar:4.0.1]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345) [picketbox-infinispan-4.0.1.jar:4.0.1]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154) [picketbox-infinispan-4.0.1.jar:4.0.1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:372) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:667) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:952) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_24]
Caused by: java.lang.NullPointerException
at javax.naming.NameImpl.<init>(NameImpl.java:264) [:1.6.0_24]
at javax.naming.CompositeName.<init>(CompositeName.java:214) [:1.6.0_24]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358) [:1.6.0_24]
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267) [:1.6.0_24]
at org.jboss.security.auth.spi.LdapExtLoginModule.bindDNAuthentication(LdapExtLoginModule.java:471) [picketbox-4.0.1.jar:4.0.1]
at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:431) [picketbox-4.0.1.jar:4.0.1]
at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:310) [picketbox-4.0.1.jar:4.0.1]
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:249) [picketbox-4.0.1.jar:4.0.1]
I am able to access the Active directory using a client tool( Active Directory tool ) but with JBOSS it's not working . I have tried with different things but not able to trace what is the cause of this .Can anybody please guide me where am I going wrong.
Regards
Sachin