Try this one:
<application-policy name="guvnor">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
      <module-option name="java.naming.provider.url">ldaps://localhost:16636</module-option>
      <module-option name="java.naming.security.protocol">ssl</module-option>
      <module-option name="bindDN">cn=DirManager,dc=kijanowski,dc=eu</module-option>
      <module-option name="bindCredential">admin123</module-option>
      <module-option name="baseCtxDN">ou=People,o=guvnor,dc=kijanowski,dc=eu</module-option>
      <module-option name="baseFilter">(uid={0})</module-option>
      <module-option name="rolesCtxDN">ou=Roles,o=guvnor,dc=kijanowski,dc=eu</module-option>
      <module-option name="roleFilter">(member={1})</module-option>
      <module-option name="roleAttributeID">cn</module-option>
      <module-option name="roleRecursion">-1</module-option>
      <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
    </login-module>
  </authentication>
</application-policy>
When you have followed the tutorial, then you have set up SSL, so please
keep in mind to use ldaps instead of ldap in the connection URL. Also
change the port from the default one, 389, to 16636.
And yes, the tutorial has a bug showing the login-config.xml file, since
it has been copied over without the corresponding XML attributes...
Cheers,
Jarek
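
Added example (not part of the original thread, and not Drools or JBoss code): a small Python check for the points the reply above turns on, namely a login-config.xml policy that is missing or whose module-option elements lost their name attributes, and an LDAP login module that does not use SSL or requests SSL on port 389. The sample document, the host ldap.example.test and the function name audit_policy are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

def audit_policy(xml_text, policy_name):
    """Return findings for one <application-policy> of a login-config.xml."""
    root = ET.fromstring(xml_text)
    policy = next((p for p in root.iter("application-policy")
                   if p.get("name") == policy_name), None)
    if policy is None:
        return [f"no application-policy named '{policy_name}'"]
    findings = []
    modules = policy.findall("./authentication/login-module")
    if not modules:
        findings.append("policy has no login-module")
    for mod in modules:
        label = (mod.get("code") or "?").rsplit(".", 1)[-1]
        options = mod.findall("module-option")
        # Options copied without name="..." carry values the module cannot map.
        if any(o.get("name") is None for o in options):
            findings.append(f"{label}: module-option without a name attribute")
        opts = {o.get("name"): (o.text or "").strip() for o in options}
        url = urlparse(opts.get("java.naming.provider.url", ""))
        tls = (url.scheme == "ldaps"
               or opts.get("java.naming.security.protocol") == "ssl")
        if not url.scheme:
            findings.append(f"{label}: no java.naming.provider.url")
        elif not tls:
            findings.append(f"{label}: bind and searches go to {url.netloc} in cleartext")
        elif url.port == 389:
            # Heuristic: 389 is the default non-SSL LDAP port.
            findings.append(f"{label}: SSL requested on port 389; check the listener port")
    return findings

# Constructed sample: plain ldap:// URL and an option that lost its name attribute.
SAMPLE = """<policy>
 <application-policy name="guvnor">
  <authentication>
   <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
    <module-option name="java.naming.provider.url">ldap://ldap.example.test:389/</module-option>
    <module-option>ssl</module-option>
   </login-module>
  </authentication>
 </application-policy>
</policy>"""

if __name__ == "__main__":
    for finding in audit_policy(SAMPLE, "guvnor"):
        print(finding)
```
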
Gayatri Chandak wrote:
Hello All,
An update from my side.
We tried modifying the login-config.xml file as below:
<authentication>
<login-module
code="org.jboss.security.auth.spi.LdapAuthenticatorLoginModule"
flag="optional">
<module-option
name="java.naming.provider.url">ldap://test.kalyani.com:389/</module-option>
<module-option
name="java.naming.security.protocol">ssl</module-option>
<module-option
name="java.naming.security.principal">cn=DirManager</module-option>
<module-option
name="java.naming.security.credentials">secret</module-option>
<module-option
name="searchBase">dc=kijanowski,dc=eu</module-option>
</login-module>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule"
flag="required" >
<module-option name="java.naming.factory.initial">
com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option
name="java.naming.provider.url">ldap://test.kalyani.com:389/</module-option>
<module-option
name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">cn=DirManager,dc=kijanowski,dc=eu
</module-option>
<module-option name="bindCredential">secret</module-option>
<module-option
name="baseCtxDN">ou=People,o=guvnor,dc=kijanowski,dc=eu
</module-option>
<module-option
name="baseFilter">(uid={0})</module-option>
<module-option
name="rolesCtxDN">ou=Roles,o=guvnor,dc=kijanowski,dc=eu
</module-option>
<module-option
name="roleFilter">(member={1})</module-option>
<module-option
name="roleAttributeID">member</module-option>
<module-option name="roleRecursion">-1</module-option>
<module-option
name="roleNameAttributeID">cn</module-option>
<module-option
name="roleAttributeIsDN">true</module-option>
<module-option
name="searchTimeLimit">5000</module-option>
<module-option
name="searchScope">ONELEVEL_SCOPE</module-option>
</login-module>
</ authentication>
</application-policy>
But we are still not able to connect to the LDAP server
through the login page. We are getting the following error:
[STDOUT] ERROR 15-04 11:59:15,597
(SecurityServiceImpl.java:login:73)
javax.security.auth.login.LoginException: No LoginModules
configured for guvnor
Please let me know if we are missing anything or anything
needs to be changed.
Thanks in advance.
Regards,
Gayatri Chandak
Member-BPM/BRE/BAM Sub Focus Area
TEG-Open Source
Tata Consultancy Services
Yantra Park -(STPI)
2nd Pokharan Road,
Opp HRD Voltas Center,Subash Nagar
Mumbai - 400 601,Maharashtra
India
Ph:- 022-67782556
Mailto: gayatri.chandak(a)tcs.com
Website:
http://www.tcs.com
____________________________________________
Experience certainty. IT Services
Business Solutions
Outsourcing
____________________________________________
From: Gayatri Chandak/MUM/TCS
To: rules-users(a)lists.jboss.org
Date: 04/15/2010 11:02 AM
Subject: Integration issue : Guvnor with Openldap
Sent by: Gayatri Chandak
Hello All,
I am trying to integrate the Guvnor with Openldap, for which I am following
the below link.
http://magazine.redhat.com/2008/08/14/jboss-drools-how-to-tuning-guvnor-p...
The Server starts properly, but it does not recognize the user.
Issue faced:
I have to replace the file based authentication part with the Openldap
code, which is given below.
ldaps://localhost:16636
ssl
cn=DirManager,dc=kijanowski,dc=eu
admin123
ou=People,o=guvnor,dc=kijanowski,dc=eu
(uid={0})
ou=Roles,o=guvnor,dc=kijanowski,dc=eu
(member={1})
cn
-1
ONELEVEL_SCOPE
I have no idea how to write the above code in the xml file.
Can anyone please help me on this?
Attaching the login-config.xml file, please find.
[attachment "login-config.xml" deleted by Gayatri Chandak/TVM/TCS]
Thanks and regards,
Gayatri Chandak