[JBoss Portal] - LdapExtLoginModule + Active Directory Help
by sreeni.gali
Hi Team,
I have been trying JBoss authentication and authorization against Active Directory and am having a problem. My working steps are below. Can anybody help me with this?
Step 1: in "login-config.xml" the entry is as below
-------------------------
<application-policy name="JawJaasDbRealm">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="sufficient">
      <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
      <module-option name="java.naming.provider.url">ldap://151.111.195.26:389/</module-option>
      <module-option name="java.naming.security.authentication">simple</module-option>
      <module-option name="java.naming.security.principal">ldapbrowse</module-option>
      <module-option name="java.naming.security.credentials">ldapbrowse</module-option>
      <!-- bGRhcGJyb3dzZQ== -->
      <module-option name="bindDN">CN=LDAPBrowse,OU=Enterprise Administration,DC=ad,DC=dot,DC=state,DC=mn,DC=us</module-option>
      <module-option name="bindCredential">ldapbrowse</module-option>
      <module-option name="baseCtxDN">DC=ad,DC=dot,DC=state,DC=mn,DC=us</module-option>
      <module-option name="baseFilter">(sAMAccountName={0})</module-option>
      <module-option name="rolesCtxDN">OU=Groups,OU=Freight and Commercial Vehicle Operations,OU=Program Management Division,DC=ad,DC=dot,DC=state,DC=mn,DC=us</module-option>
      <module-option name="roleFilter">(sAMAccountName={0})</module-option>
      <module-option name="roleAttributeID">memberOf</module-option>
      <!-- <module-option name="roleAttributeIsDN">true</module-option> -->
      <module-option name="roleNameAttributeID">cn</module-option>
      <module-option name="defaultRole">OFCVO_RGCIP_Inventory</module-option>
      <!-- <module-option name="roleRecursion">-1</module-option> -->
      <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
    </login-module>
  </authentication>
</application-policy>
--------------------------
Step 2: in the "jboss.xml" file the entry is as below
------------------
<jboss-web>
  <context-root>jaw</context-root>
  <security-domain>java:/jaas/JawJaasDbRealm</security-domain>
</jboss-web>
------------------
Step 3: web-security.xml file
--------------
<security-constraint>
  <web-resource-collection>
    <web-resource-name>
      JAW Application protected Admin pages and actions.
    </web-resource-name>
    <description>Require users to authenticate.</description>
    <url-pattern>/test/index.jsp</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <description>Allow Manager role to access Admin pages and actions.</description>
    <role-name>OFCVO_RGCIP_Inventory</role-name>
  </auth-constraint>
</security-constraint>
<security-role>
  <description>JAW Guest User (unsecured)</description>
  <role-name>OFCVO_RGCIP_Inventory</role-name>
</security-role>
<login-config>
  <auth-method>FORM</auth-method>
  <realm-name>JawJaasDbRealm</realm-name>
  <form-login-config>
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/loginError.jsp</form-error-page>
  </form-login-config>
</login-config>
---------------------------
index.jsp
----------------
<%@ page contentType="text/html; charset=ISO-8859-1" %>
Welcome to the application, <%= request.getRemoteUser() %>!
MnDOT Chg Access Role :<%=request.isUserInRole("MnDOT Chg Access") %>
OFCVO_RGCIP_Inventory Role :<%=request.isUserInRole("OFCVO_RGCIP_Inventory") %>
OFCVO_RGCIP_Admin Role :<%=request.isUserInRole("OFCVO_RGCIP_Admin") %>
OFCVO_RGCIP_ProjMgr Role :<%=request.isUserInRole("OFCVO_RGCIP_ProjMgr") %>
OFCVO_RGCIP_DataMaint Role :<%=request.isUserInRole("OFCVO_RGCIP_DataMaint") %>
OFCVO_RGCIP_Auditor Role :<%=request.isUserInRole("OFCVO_RGCIP_Auditor") %>
OFCVO_RGCIP_Finance Role :<%=request.isUserInRole("OFCVO_RGCIP_Finance") %>
----------------
If I enter the credentials (userid/password) of a user who doesn't have the role "OFCVO_RGCIP_Inventory", it authenticates and shows the index.jsp page, and <%=request.isUserInRole("OFCVO_RGCIP_Inventory") %> displays the value "true". I think that once authentication is over, the defaultRole (<module-option name="defaultRole">OFCVO_RGCIP_Inventory</module-option>) is associated with the logged-in user even if he doesn't belong to that role in AD.
Can you help me understand what's going wrong and why it's behaving like this?
Thanks,
Sreeni
914 439 3469
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3968158#3968158
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3968158
19 years, 8 months
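An added audit sketch, not part of the original post or of JBoss: `defaultRole` in LdapExtLoginModule is documented as a role given to every authenticated user, so naming that same role in an `auth-constraint` lets any account that can bind pass the check. The script flags that combination, and a simple bind over `ldap://`, in constructed XML reduced from the configuration above; `audit`, the host name and the finding strings are assumptions of the example.

```python
import xml.etree.ElementTree as ET

# Constructed samples, reduced from the post's login-config.xml and web descriptor.
# The LDAP host name is a placeholder, not a value from the post.
LOGIN_CONFIG = """<application-policy name="JawJaasDbRealm"><authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="sufficient">
<module-option name="java.naming.provider.url">ldap://ldap.example.test:389/</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="defaultRole">OFCVO_RGCIP_Inventory</module-option>
</login-module></authentication></application-policy>"""
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/j2ee"><security-constraint>
<web-resource-collection><url-pattern>/test/index.jsp</url-pattern></web-resource-collection>
<auth-constraint><role-name>OFCVO_RGCIP_Inventory</role-name></auth-constraint>
</security-constraint></web-app>"""

def _parse(text):
    """Parse XML and drop namespaces so tag lookups also work on a namespaced web.xml."""
    root = ET.fromstring(text)
    for el in root.iter():
        el.tag = el.tag.rsplit("}", 1)[-1]
    return root

def audit(login_config_xml, web_xml):
    """Return (policy, finding) pairs for settings that weaken authn/authz."""
    roles = _parse(web_xml).findall(".//auth-constraint/role-name")
    required = {r.text.strip() for r in roles if r.text}
    findings = []
    for policy in _parse(login_config_xml).iter("application-policy"):
        name = policy.get("name")
        for module in policy.iter("login-module"):
            opts = {o.get("name"): (o.text or "").strip() for o in module.iter("module-option")}
            default = opts.get("defaultRole")
            # defaultRole is added for every user who authenticates, whatever the
            # role search returns, so it must never be a role that gates access.
            if default and default in required:
                findings.append((name, "defaultRole '%s' satisfies an auth-constraint" % default))
            url = opts.get("java.naming.provider.url", "").lower()
            # A simple bind over plain ldap:// sends the password unencrypted.
            if url.startswith("ldap://") and opts.get("java.naming.security.authentication") == "simple":
                findings.append((name, "simple bind over ldap:// (no TLS)"))
    return findings

if __name__ == "__main__":
    for policy_name, finding in audit(LOGIN_CONFIG, WEB_XML):
        print(policy_name + ": " + finding)
```

Removing the `defaultRole` option, or setting it to a role that no `auth-constraint` names, clears the first finding; an `ldaps://` provider URL clears the second.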
[JBoss Seam] - DataModel and DataModelSelection and
by ZeddMaxim
I've seen a few posts out there regarding this, and no one ever seems to come up with a solid answer, so I thought I'd post this in hopes someone will find it useful.
I have a simple data table set up such as in the Message List example, with a clickable link in each row (to edit that object). No matter which row I clicked, the first item was always selected / injected. A similar table on another page in the same application (hitting the same SFSB!) worked just fine.
Item (1) on page 13 of the Seam tutorial states: "The @DataModel annotation exposes an attribute of type java.util.List to the JSF page as an instance of javax.faces.model.DataModel..." The key to my understanding came when I finally realized that this meant it outjected the list. I had my h:dataTable's value set to SFSB-name.list (so it was calling the list's getter) instead of just the outjected "#{list}".
Once I fixed this, the @DataModelSelection variable was populated perfectly.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3968156#3968156
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3968156
19 years, 8 months
[JBoss Eclipse IDE (users)] - Cache-related error creating SessionFactory in Hibernate Con
by dserodio
I'm using Eclipse 3.2, with Hibernate Tools beta7.
I created a "hibernate.cfg.xml" using the Eclipse Wizard, but when I try to open the SessionFactory in Hibernate Console, I get:
org.hibernate.HibernateException: Could not instantiate cache implementation
    at org.hibernate.cache.CacheFactory.createCache(CacheFactory.java:64)
    at org.hibernate.impl.SessionFactoryImpl.<init>(SessionFactoryImpl.java:214)
    at org.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:1218)
    at org.hibernate.console.ConsoleConfiguration$2.execute(ConsoleConfiguration.java:282)
    at org.hibernate.console.execution.DefaultExecutionContext.execute(DefaultExecutionContext.java:56)
    at org.hibernate.console.ConsoleConfiguration.execute(ConsoleConfiguration.java:85)
    at org.hibernate.console.ConsoleConfiguration.buildSessionFactory(ConsoleConfiguration.java:277)
    at org.hibernate.eclipse.console.workbench.LazySessionFactoryAdapter.getChildren(LazySessionFactoryAdapter.java:41)
    at org.hibernate.eclipse.console.workbench.BasicWorkbenchAdapter.getChildren(BasicWorkbenchAdapter.java:88)
    at org.hibernate.eclipse.console.workbench.BasicWorkbenchAdapter.fetchDeferredChildren(BasicWorkbenchAdapter.java:94)
    at org.eclipse.ui.progress.DeferredTreeContentManager$1.run(DeferredTreeContentManager.java:207)
    at org.eclipse.core.internal.jobs.Worker.run(Worker.java:58)
Caused by: org.hibernate.cache.NoCachingEnabledException: Second-level cache is not enabled for usage [hibernate.cache.use_second_level_cache | hibernate.cache.use_query_cache]
    at org.hibernate.cache.NoCacheProvider.buildCache(NoCacheProvider.java:21)
    at org.hibernate.cache.CacheFactory.createCache(CacheFactory.java:61)
    ... 11 more
I added the suggested settings to the hibernate.cfg.xml file, but I still get the same error. My cfg file is:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE hibernate-configuration PUBLIC
    "-//Hibernate/Hibernate Configuration DTD 3.0//EN"
    "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd">
<hibernate-configuration>
  <session-factory name="Console">
    <property name="hibernate.connection.driver_class">org.hsqldb.jdbcDriver</property>
    <property name="hibernate.connection.url">jdbc:hsqldb:bd/nfe</property>
    <property name="hibernate.connection.username">sa</property>
    <property name="hibernate.dialect">org.hibernate.dialect.HSQLDialect</property>
    <property name="hibernate.cache.provider_class">org.hibernate.cache.HashtableCacheProvider</property>
    <property name="hibernate.cache.use_second_level_cache">true</property>
    <property name="hibernate.cache.use_query_cache">true</property>
  </session-factory>
</hibernate-configuration>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3968154#3968154
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3968154
19 years, 8 months