I have JBoss Portal (2.2.1-SP3-bundled) authenticating correctly against an OpenLDAP
server. When I log in with a *valid* username/password, though, subsequent pages fail with
the error listed below.

Is the problem that the user 'jduke' needs to be in JBoss's user database as
well as in LDAP? It seems like the LdapExtLoginModule would take care of this
automatically. Do I need to write a custom LoginModule?

I've been all over Google on this one and would greatly appreciate any help!
Thanks a million!

-- Joel

exception

javax.servlet.ServletException: No such user No such user jduke
    org.jboss.portal.server.servlet.PortalServlet.doGet(PortalServlet.java:227)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
    org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

root cause

org.jboss.portal.core.model.NoSuchUserException: No such user No such user jduke
    org.jboss.portal.core.impl.user.UserModuleImpl.findUserByUserName(UserModuleImpl.java:123)
    org.jboss.portal.core.aspects.server.UserInterceptor.invoke(UserInterceptor.java:100)
    org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
    ...

Here's the login-config.xml:

<application-policy name="portal">
  <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
    <module-option name="java.naming.provider.url">ldap://localhost:389</module-option>
    <module-option name="bindDN">cn=Manager,dc=jboss,dc=org</module-option>
    <module-option name="bindCredential">secret</module-option>
    <module-option name="baseCtxDN">ou=People,dc=jboss,dc=org</module-option>
    <module-option name="baseFilter">(uid={0})</module-option>
    <module-option name="rolesCtxDN">ou=Roles,dc=jboss,dc=org</module-option>
    <module-option name="roleFilter">(member={1})</module-option>
    <module-option name="roleAttributeID">cn</module-option>
    <module-option name="roleAttributeIsDN">true</module-option>
    <module-option name="roleNameAttributeID">cn</module-option>
    <module-option name="roleRecursion">-1</module-option>
    <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
    <module-option name="password-stacking">useFirstPass</module-option>
    <module-option name="passwordValidation">remote</module-option>
  </login-module>
</application-policy>

And here's what's in the LDAP:

dn: dc=jboss,dc=org
objectclass: top
objectclass: dcObject
objectclass: organization
dc: jboss
o: JBoss

dn: ou=People,dc=jboss,dc=org
objectclass: top
objectclass: organizationalUnit
ou: People

dn: uid=jduke,ou=People,dc=jboss,dc=org
objectclass: top
objectclass: uidObject
objectclass: person
uid: jduke
cn: Java Duke
sn: Duke
userPassword: theduke

dn: ou=Roles,dc=jboss,dc=org
objectclass: top
objectclass: organizationalUnit
ou: Roles

dn: cn=JBossAdmin,ou=Roles,dc=jboss,dc=org
objectclass: top
objectclass: groupOfNames
cn: JBossAdmin
member: uid=jduke,ou=People,dc=jboss,dc=org
description: the JBossAdmin group
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962288#...
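
Added example (not part of the original post, and not JBoss code): an offline Python model that applies the posted baseFilter and roleFilter to two entries copied from the posted LDIF, to show which directory entries the LDAP searches select for a login name. It assumes {0} is the login name and {1} is the DN found by the user search, handles only single (attr=value) filters under ONELEVEL_SCOPE, and all function names are hypothetical.

```python
# Added example; data below is copied from the post's LDIF (two entries only).
LDIF = """\
dn: uid=jduke,ou=People,dc=jboss,dc=org
objectclass: person
uid: jduke
cn: Java Duke

dn: cn=JBossAdmin,ou=Roles,dc=jboss,dc=org
objectclass: groupOfNames
cn: JBossAdmin
member: uid=jduke,ou=People,dc=jboss,dc=org
"""

def parse_ldif(text):
    """Return one {attr: [values]} dict per blank-line-separated entry."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            attr, _, value = line.partition(": ")
            entry.setdefault(attr.lower(), []).append(value)
        entries.append(entry)
    return entries

def search_onelevel(entries, base_dn, template, *args):
    """Fill {0}, {1}, ... into a single (attr=value) filter and return the DNs
    of matching entries directly below base_dn (ONELEVEL_SCOPE)."""
    flt = template
    for i, arg in enumerate(args):
        flt = flt.replace("{%d}" % i, arg)
    attr, _, wanted = flt[1:-1].partition("=")
    hits = []
    for entry in entries:
        dn = entry["dn"][0]
        parent = dn.partition(",")[2]
        values = [v.lower() for v in entry.get(attr.lower(), [])]
        if parent.lower() == base_dn.lower() and wanted.lower() in values:
            hits.append(dn)
    return hits

def resolve(username):
    """Return (user DN or None, DNs of role entries that list the user)."""
    entries = parse_ldif(LDIF)
    users = search_onelevel(entries, "ou=People,dc=jboss,dc=org",
                            "(uid={0})", username)
    if not users:
        return None, []
    roles = search_onelevel(entries, "ou=Roles,dc=jboss,dc=org",
                            "(member={1})", username, users[0])
    return users[0], roles

if __name__ == "__main__":
    print(resolve("jduke"))
```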