Hi All,
I am using JBoss for deploying an application and LDAP to store the user data required for
login.
I have implemented a custom login module in login-config.xml, which looks like this:
------------------------------------------------------------------------------
<application-policy name="testLDAP">
  <authentication>
    <login-module code="com.wipro.test.jaas.loginmodules.LdapLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
      <module-option name="java.naming.provider.url">ldap://localhost:389/dc=example,dc=com</module-option>
      <module-option name="java.naming.security.authentication">simple</module-option>
      <module-option name="java.naming.security.principal">dc=example,dc=com</module-option>
      <module-option name="java.naming.security.credentials">secret</module-option>
      <module-option name="principalDNSuffix">ou=Sales</module-option>
      <module-option name="uidAttributeID">mail</module-option>
      <module-option name="passwordAttribute">userPassword</module-option>
      <module-option name="roleAttributeID">telephoneNumber</module-option>
    </login-module>
  </authentication>
</application-policy>
--------------------------------------------------------------------------------------
I have specified the security domain in jboss-web.xml, which looks like this:
--------------------------------------------------------------------------------------
<?xml version="1.0"?>
<jboss-web>
  <!-- All secured web content uses this security manager -->
  <security-domain>java:/jaas/testLDAP</security-domain>
</jboss-web>
--------------------------------------------------------------------------------------
My customised login module works fine for authentication, but if authentication succeeds it
leads me to an error page saying "Access to the requested resource has been denied".
My web.xml is as follows:
--------------------------------------------------------------------------------------
<login-config>
  <auth-method>FORM</auth-method>
  <realm-name>Authentication Area</realm-name>
  <form-login-config>
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/error.jsp</form-error-page>
  </form-login-config>
</login-config>
<security-constraint>
  <web-resource-collection>
    <web-resource-name>SecurePages</web-resource-name>
    <description>Security constraint /secure</description>
    <url-pattern>*.do</url-pattern>
    <http-method>POST</http-method>
    <http-method>GET</http-method>
  </web-resource-collection>
  <auth-constraint>
    <role-name>manager</role-name>
  </auth-constraint>
  <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
  </user-data-constraint>
</security-constraint>
<security-role>
  <role-name>manager</role-name>
</security-role>
--------------------------------------------------------------------------------------
My LDAP entries look like this:
# Employees
dn: cn=aarti, ou=Sales, dc=example, dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: aarti
gn: RT
sn: Gagneja
mail: abc(a)example.com
userPassword: xyz
telephoneNumber :manager
--------------------------------------------------------------------------------------
I don't know where I am going wrong. Do I need to specify roles somewhere else also? Any help
is appreciated.
Thanks in advance.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4148571#...
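
A quick consistency check for the configuration quoted above, as an added example that is not part of the original post: it compares the role names required by `<auth-constraint>` in web.xml with the values of the `roleAttributeID` attribute in the LDAP entry. The function names and the trimmed sample inputs are assumptions made for the illustration.

```python
import xml.etree.ElementTree as ET

# Constructed inputs, trimmed from the web.xml and LDIF quoted in the post.
WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>SecurePages</web-resource-name>
      <url-pattern>*.do</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>manager</role-name></auth-constraint>
  </security-constraint>
  <security-role><role-name>manager</role-name></security-role>
</web-app>"""
LDIF_ENTRY = """dn: cn=aarti, ou=Sales, dc=example, dc=com
cn: aarti
mail: abc(a)example.com
telephoneNumber :manager
"""
ROLE_ATTRIBUTE_ID = "telephoneNumber"  # roleAttributeID in login-config.xml


def _local(tag):
    """Element name without an XML namespace prefix, if any."""
    return tag.rsplit("}", 1)[-1]


def required_roles(web_xml):
    """Role names listed inside <auth-constraint> elements only."""
    roles = set()
    for el in ET.fromstring(web_xml).iter():
        if _local(el.tag) == "auth-constraint":
            roles |= {c.text.strip() for c in el
                      if _local(c.tag) == "role-name" and c.text}
    return roles


def ldif_values(entry, attribute):
    """Plain-text values of one attribute (names are case-insensitive).
    Tolerates stray spaces around the colon; skips base64 ('::') values."""
    values = []
    for line in entry.splitlines():
        name, sep, value = line.partition(":")
        if sep and not value.startswith(":") and \
                name.strip().lower() == attribute.lower():
            values.append(value.strip())
    return values


def missing_roles(web_xml, entry, role_attribute):
    """Required roles the entry does not supply (case-sensitive match)."""
    return required_roles(web_xml) - set(ldif_values(entry, role_attribute))


if __name__ == "__main__":
    print(sorted(missing_roles(WEB_XML, LDIF_ENTRY, ROLE_ATTRIBUTE_ID)))
```

For the posted data the result is empty, so the directory value and the constraint agree on the role name; what remains to check is whether the login module attaches that value to the authenticated Subject as a role.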