Shane Bryzak commented on JBSEAM-4452:
--------------------------------------
The easiest way to work around this issue at the moment is to create a new class called
MyLdapIdentityStore (or whatever), copy the code exactly from LdapIdentityStore and modify
the initialiseContext() method to support SSL as suggested above. This class has actually
been removed from Seam 3 (and replaced by equivalent functionality in PicketLink) which is
why this issue has not received priority.
Enable LdapIdentityStore to access LDAP via SSL
-----------------------------------------------
Key: JBSEAM-4452
URL: https://issues.jboss.org/browse/JBSEAM-4452
Project: Seam
Issue Type: Feature Request
Affects Versions: 2.2.0.GA
Environment: Ubuntu 9.04, JBoss AS 5.1.0 GA
Reporter: Marco Brizi
Assignee: Shane Bryzak
Labels: identitystore, ldap, ssl
Attachments: stacktrace.log
The current LdapIdentityStore offers good support for integrating an LDAP repository.
Unfortunately, at the moment, there is no configuration to access it via SSL.
The minimum support could be done by adding a new boolean attribute (e.g.
ssl-enabled) in the ldap-identity-store element to offer the possibility of choosing
whether or not to use secure communication.
I've tried to implement this extension by changing security-2.2.xsd and the
LdapIdentityStore class.
In the second file my work has been on the new attribute getter/setter and on the
initialiseContext(String principal, String credentials) method, just adding the following
lines:
    String ldapProtocol = "ldap";
    if (isSslEnabled()) {
        ldapProtocol = "ldaps";
        env.setProperty(Context.SECURITY_PROTOCOL, "ssl");
    }
    String providerUrl = String.format("%s://%s:%d", ldapProtocol,
            getServerAddress(), getServerPort());
In addition, getting the server certificate and setting
-Djavax.net.ssl.trustStore=/path/to/keystore in JAVA_OPTS is needed.
At the moment I'm able to initiate the communication with the secure LDAP server, but
Identity.authenticate causes a "javax.security.auth.login.LoginException: Login
Failure: all modules ignored".
The complete stacktrace is attached to the issue.
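An added example, not code from the issue or from Seam: a self-contained class that builds the JNDI environment the proposed ssl-enabled flag would produce, and checks the trust store path before any connection is attempted. The class name, the buildEnv and connect helpers, the host name and the credentials are assumptions made for illustration.

```java
import java.io.File;
import java.util.Properties;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class LdapsContextExample {

    // Hypothetical stand-in for initialiseContext(): builds the JNDI environment only.
    static Properties buildEnv(String host, int port, boolean sslEnabled,
                               String principal, String credentials) {
        Properties env = new Properties();
        env.setProperty(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.setProperty(Context.SECURITY_AUTHENTICATION, "simple");
        env.setProperty(Context.SECURITY_PRINCIPAL, principal);
        env.setProperty(Context.SECURITY_CREDENTIALS, credentials);

        String ldapProtocol = "ldap";
        if (sslEnabled) {
            ldapProtocol = "ldaps";
            env.setProperty(Context.SECURITY_PROTOCOL, "ssl");
            // Fail early on a mistyped -Djavax.net.ssl.trustStore path instead of
            // discovering it later as a TLS handshake error during authentication.
            String trustStore = System.getProperty("javax.net.ssl.trustStore");
            if (trustStore != null && !new File(trustStore).canRead()) {
                throw new IllegalStateException("Trust store not readable: " + trustStore);
            }
        }
        env.setProperty(Context.PROVIDER_URL,
                String.format("%s://%s:%d", ldapProtocol, host, port));
        return env;
    }

    // Opens the connection and performs the simple bind; the caller closes the context.
    static DirContext connect(Properties env) throws NamingException {
        return new InitialDirContext(env);
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from the issue.
        String dn = "cn=app,dc=example,dc=test";
        Properties plain = buildEnv("ldap.example.test", 389, false, dn, "secret");
        Properties tls = buildEnv("ldap.example.test", 636, true, dn, "secret");
        for (Properties env : new Properties[] { plain, tls }) {
            System.out.println(env.getProperty(Context.PROVIDER_URL)
                    + " security.protocol=" + env.getProperty(Context.SECURITY_PROTOCOL));
        }
    }
}
```

main() only prints the two environments and never opens a socket; pass either one to connect() against a real server to perform the bind.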