I try to use LdapExtLoginModue to authenticate over a windows active directory.
For some of my users I have a very strange exception:
[url]Exception in thread "main" javax.security.auth.login.FailedLoginException:
Password Incorrect/Password Required
at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at Main.main(Main.java:41)
Caused by: javax.naming.PartialResultException: Unprocessed Continuation Reference(s);
remaining name 'dc=fr,dc=mycompany,dc=net'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2763)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
at com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(LdapNamingEnumeration.java:129)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:198)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:171)
at
org.jboss.security.auth.spi.LdapExtLoginModule.rolesSearch(LdapExtLoginModule.java:421)
at
org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:348)
at
org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:229)
at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:210)
... 11 more[/url]
When the login module tries to get the role of the authenticated user, the roleSearch
method failed. I go through this method with a debugger.
ctxt.search return a NamingEnumeration that contains 1 element, a while iterate over the
enumeration. Exception is thrown in the while when the hasMore method is invoked for the
second time.
I have patch the code to replace hasMore with hasMoreElements. That fiw my problem.
Finally I replace in searchRole and bindDNAuthentication methods the hasMore() by
hasMoreElements().
I'm not able to understand why hasMore method throws an exception for some of my
config and not for others.
Is that a bug in the LdapExtLoginModule ???
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4012887#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...