Moises Jardim Pinheiro [https://community.jboss.org/people/jardimpinheiro] created the discussion "Ldap configuration"

To view the discussion, visit: https://community.jboss.org/message/829547#829547
--------------------------------------------------------------
Hello!
I need to configure jboss with ldap but I have some problems.
I tried to do this:
web.xml:

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HtmlAuth</web-resource-name>
            <description>application security constraints</description>
            <url-pattern>/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>admin</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>LDAP Test</realm-name>
    </login-config>
    <security-role>
        <role-name>admin</role-name>
    </security-role>

jboss-web.xml:

    <?xml version="1.0" encoding="UTF-8"?>
    <jboss-web>
        <security-domain>java:/jaas/my_ldap_security_domain</security-domain>
    </jboss-web>

standalone.xml:

    <security-domain name="my_ldap_security_domain">
        <authentication>
            <login-module code="LdapExtended" flag="required">
                <module-option name="java.naming.provider.url" value="ldap://hml-ldap:389"/>
                <module-option name="java.naming.security.authentication" value="simple"/>
                <module-option name="bindDN" value="cn=admin,dc=company,dc=com,dc=br"/>
                <module-option name="bindCredential" value="pass"/>
                <module-option name="baseCtxDN" value="ou=users,dc=company,dc=com,dc=br"/>
                <module-option name="baseFilter" value="uid={0},dc=company,dc=com,dc=br"/>
                <module-option name="rolesCtxDN" value="ou=groups,dc=company,dc=com,dc=br"/>
                <module-option name="roleFilter" value="(member={1})"/>
                <module-option name="roleAttributeID" value="cn"/>
                <module-option name="throwValidateError" value="true"/>
                <module-option name="searchScope" value="ONELEVEL_SCOPE"/>
            </login-module>
        </authentication>
    </security-domain>

When I enter a username and password, this exception occurs:

11:52:48,535 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-localhost-127.0.0.1-8080-1) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
    at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:270) [picketbox-4.0.7.Final.jar:4.0.7.Final]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_11]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_11]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_11]
    at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_11]
    at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) [rt.jar:1.7.0_11]
    at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_11]
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_11]
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_11]
    at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_11]
    at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_11]
    at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_11]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
    at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
    at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
    at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_11]
Caused by: javax.naming.NamingException: PB00019: Processing Failed:Search of baseDN(ou=users,dc=company,dc=com,dc=br) found no matches
    at org.jboss.security.auth.spi.LdapExtLoginModule.bindDNAuthentication(LdapExtLoginModule.java:482) [picketbox-4.0.7.Final.jar:4.0.7.Final]
    at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:438) [picketbox-4.0.7.Final.jar:4.0.7.Final]
    at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:312) [picketbox-4.0.7.Final.jar:4.0.7.Final]
    at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:267) [picketbox-4.0.7.Final.jar:4.0.7.Final]

What is going on?
I changed some configuration settings and tried a lot, but I haven't succeeded.
There are other programs that connect to the same LDAP and work fine. However, in this case
(with jboss) there are some problems, certainly in my configuration.
Thanks!
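
An added check, not part of the original post and not JBoss or PicketBox code, that lints the LdapExtended options posted above. It assumes baseFilter and roleFilter should be parenthesised LDAP search filters containing {0} or {1}, and that a bindCredential not written as a ${...} expression is stored in plain text; the function names and finding strings are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a subset of the login-module options from the post.
SAMPLE = """
<login-module code="LdapExtended" flag="required">
  <module-option name="java.naming.provider.url" value="ldap://hml-ldap:389"/>
  <module-option name="java.naming.security.authentication" value="simple"/>
  <module-option name="bindCredential" value="pass"/>
  <module-option name="baseCtxDN" value="ou=users,dc=company,dc=com,dc=br"/>
  <module-option name="baseFilter" value="uid={0},dc=company,dc=com,dc=br"/>
  <module-option name="roleFilter" value="(member={1})"/>
</login-module>
"""

def is_wrapped_filter(value):
    """True if value is enclosed in one balanced pair of outer parentheses."""
    if not (value.startswith("(") and value.endswith(")")):
        return False
    depth = 0
    for i, ch in enumerate(value):
        depth += (ch == "(") - (ch == ")")
        if depth == 0 and i < len(value) - 1:
            return False  # outer group closed early, e.g. "(a=b)(c=d)"
    return depth == 0

def lint_ldap_module(xml_text):
    """Return a list of findings for one LdapExtended login-module element."""
    opts = {o.get("name"): o.get("value", "")
            for o in ET.fromstring(xml_text).iter("module-option")}
    findings = []
    for name, marks in (("baseFilter", ("{0}",)), ("roleFilter", ("{0}", "{1}"))):
        value = opts.get(name)
        if value is None:
            continue
        if not is_wrapped_filter(value):
            findings.append(name + ": not a parenthesised search filter")
        elif not any(m in value for m in marks):
            findings.append(name + ": no substitution placeholder")
    url = opts.get("java.naming.provider.url", "")
    auth = opts.get("java.naming.security.authentication", "simple")
    if url.lower().startswith("ldap://") and auth == "simple":
        findings.append("transport: simple bind over cleartext ldap://")
    cred = opts.get("bindCredential", "")
    if cred and not cred.startswith("${"):  # assumption: ${...} means externalised
        findings.append("bindCredential: password stored in plain text")
    return findings
```

Calling lint_ldap_module(SAMPLE) reports the baseFilter value, which is a DN fragment rather than a filter such as (uid={0}), along with the cleartext bind and the inline password.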