Hi,
I curretly attempting to secure a web application by adding LDAP Authentication. It looks
like it not loading the configured security Realm for the application as it ends up
loading the "UsersRolesLoginModule", anything addtional i must do? I have added
the changes to :
login-config.xml
jbossweb.xml
web.xml
As the any other file i need to modify ?
I am getting the following exception :
2008-04-09 18:29:55,526 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService]
setCachePolicy, c=org.jboss.util.TimedCachePolicy@9cd006
2008-04-09 18:29:55,527 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService]
Added other, org.jboss.security.plugins.SecurityDomainContext@11d75b9 to map
2008-04-09 18:29:55,538 ERROR [org.jboss.security.auth.spi.UsersRolesLoginModule] Failed
to load users/passwords/role files
java.io.IOException: Properties file users.properties not found
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadProperties(UsersRolesLoginModule.java:217)
I have setup an LDAP Realm in *login-confug.xml* as follows :
....
<!-- Security domains for OpenLDAP -->
<application-policy name = "OpenLDAPRealm">
<login-module code="org.jboss.security.auth.spi.LdapLoginModulee"
flag="required" >
<module-option name =
"java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option
name="java.naming.provider.url">ldap://ldaphosts.com:389</module-option>
<module-option
name="java.naming.security.authentication">simple</module-option>
<module-option
name="java.naming.security.principal">S_PRINC_AD</module-option>
<module-option
name="java.naming.security.credentials">ADBrowser</module-option>
<module-option name="rolesCtxDN">OU=The
Agency,DC=com</module-option>
<module-option
name="matchOnUserDN">false</module-option>
<module-option
name="principalDNSuffix">(a)theagency.com</module-option>
<module-option
name="roleAttributeID">memberOf</module-option>
<module-option
name="roleAttributeIsDN">true</module-option>
<module-option
name="roleNameAttributeID">name</module-option>
<module-option
name="uidAttributeID">sAMAccountName</module-option>
<module-option
name="searchScope">SUBTREE_SCOPE</module-option>
<module-option
name="defaultRole">Group_Web</module-option>
</login-module>
</application-policy>
....
and have web.xml as follows :
....
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure</web-resource-name>
<url-pattern>*.jsp</url-pattern>
<http-method>HEAD</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Group_Web</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>OpenLDAPRealm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginError.jsp</form-error-page>
</form-login-config>
</login-config>
....
and
jbossweb.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/OpenLDAPRealm</security-domain>
</jboss-web>
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4143859#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...