[jboss-dev-forums] [JBoss AS 7 Development] - Ldap configuration

Moises Jardim Pinheiro do-not-reply at jboss.com
Wed Jul 24 11:15:30 EDT 2013


Moises Jardim Pinheiro [https://community.jboss.org/people/jardimpinheiro] created the discussion

"Ldap configuration"

To view the discussion, visit: https://community.jboss.org/message/829547#829547

--------------------------------------------------------------
Hello!

I need to configure jboss with ldap but I have some problems.

I tried to do this:

web.xml

<security-constraint>
    <web-resource-collection>
        <web-resource-name>HtmlAuth</web-resource-name>
        <description>application security constraints</description>
        <url-pattern>/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>LDAP Test</realm-name>
</login-config>
<security-role>
    <role-name>admin</role-name>
</security-role>



jboss-web.xml

<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
          <security-domain>java:/jaas/my_ldap_security_domain</security-domain>
</jboss-web>



standalone.xml

                <security-domain name="my_ldap_security_domain">
                    <authentication>
                        <login-module code="LdapExtended" flag="required">
                            <module-option name="java.naming.provider.url" value="ldap://hml-ldap:389"/>
                            <module-option name="java.naming.security.authentication" value="simple"/>
                            <module-option name="bindDN" value="cn=admin,dc=company,dc=com,dc=br"/>
                            <module-option name="bindCredential" value="pass"/>
                            <module-option name="baseCtxDN" value="ou=users,dc=company,dc=com,dc=br"/>
                            <module-option name="baseFilter" value="uid={0},dc=company,dc=com,dc=br"/>
                            <module-option name="rolesCtxDN" value="ou=groups,dc=company,dc=com,dc=br"/>
                            <module-option name="roleFilter" value="(member={1})"/>
                            <module-option name="roleAttributeID" value="cn"/>
                            <module-option name="throwValidateError" value="true"/>
                            <module-option name="searchScope" value="ONELEVEL_SCOPE"/>
                        </login-module>
                    </authentication>
                </security-domain>




When I put in a username and password, this exception occurs:


11:52:48,535 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-localhost-127.0.0.1-8080-1) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
          at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:270) [picketbox-4.0.7.Final.jar:4.0.7.Final]
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_11]
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_11]
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_11]
          at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_11]
          at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) [rt.jar:1.7.0_11]
          at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_11]
          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) [rt.jar:1.7.0_11]
          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) [rt.jar:1.7.0_11]
          at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_11]
          at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) [rt.jar:1.7.0_11]
          at javax.security.auth.login.LoginContext.login(LoginContext.java:594) [rt.jar:1.7.0_11]
          at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
          at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
          at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
          at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
          at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
          at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180) [jbossweb-7.0.13.Final.jar:]
          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]
          at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
          at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_11]
Caused by: javax.naming.NamingException: PB00019: Processing Failed:Search of baseDN(ou=users,dc=company,dc=com,dc=br) found no matches
          at org.jboss.security.auth.spi.LdapExtLoginModule.bindDNAuthentication(LdapExtLoginModule.java:482) [picketbox-4.0.7.Final.jar:4.0.7.Final]
          at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:438) [picketbox-4.0.7.Final.jar:4.0.7.Final]
          at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:312) [picketbox-4.0.7.Final.jar:4.0.7.Final]
          at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:267) [picketbox-4.0.7.Final.jar:4.0.7.Final]



What is going on?

I changed some configurations and tried a lot, but I haven't succeeded.

There are other programs that connect to the same LDAP and work fine. However, in this case (with JBoss) there are some problems, certainly in my configurations.

Thanks!
--------------------------------------------------------------
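
Added example, not part of the original post and not JBoss code: a small linter for the LdapExtended options shown above. The module substitutes the login name for {0} in baseFilter and runs the result as an LDAP search filter under baseCtxDN, so the value is expected to be a filter such as (uid={0}); the function names, the findings text and the assumption that users are keyed by uid are illustrative.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: a subset of the LdapExtended options from the post above.
POSTED = """<security-domain name="my_ldap_security_domain"><authentication>
<login-module code="LdapExtended" flag="required">
<module-option name="java.naming.provider.url" value="ldap://hml-ldap:389"/>
<module-option name="java.naming.security.authentication" value="simple"/>
<module-option name="bindCredential" value="pass"/>
<module-option name="baseCtxDN" value="ou=users,dc=company,dc=com,dc=br"/>
<module-option name="baseFilter" value="uid={0},dc=company,dc=com,dc=br"/>
<module-option name="roleFilter" value="(member={1})"/>
</login-module></authentication></security-domain>"""

def _local(el):
    return el.tag.rsplit("}", 1)[-1]  # drop the XML namespace a real standalone.xml carries

def balanced_filter(value):
    """True if value is one parenthesised filter, e.g. (uid={0}) or (&(a=b)(c=d))."""
    if not (value.startswith("(") and value.endswith(")")):
        return False
    depth = 0
    for i, ch in enumerate(value):
        depth += (ch == "(") - (ch == ")")
        if depth < 0 or (depth == 0 and i < len(value) - 1):
            return False  # closed too early: DN fragment or two filters side by side
    return depth == 0

def lint_ldap_module(xml_text):
    """Return (option, finding) pairs for every LdapExtended login-module."""
    findings = []
    for module in ET.fromstring(xml_text).iter():
        if _local(module) != "login-module" or module.get("code") != "LdapExtended":
            continue
        opts = {o.get("name"): o.get("value", "") for o in module if _local(o) == "module-option"}
        base, role = opts.get("baseFilter", ""), opts.get("roleFilter", "")
        if not balanced_filter(base):
            findings.append(("baseFilter", "not a search filter; expected a form like (uid={0})"))
        elif "{0}" not in base:
            findings.append(("baseFilter", "missing the {0} login-name placeholder"))
        if not balanced_filter(role) or not re.search(r"\{[01]\}", role):
            findings.append(("roleFilter", "expected a filter using {0} or {1}"))
        url = opts.get("java.naming.provider.url", "")
        if url.startswith("ldap://") and opts.get("java.naming.security.authentication") == "simple":
            findings.append(("java.naming.provider.url", "simple bind over ldap:// sends passwords unencrypted"))
        if opts.get("bindCredential") and not opts["bindCredential"].startswith("${"):
            findings.append(("bindCredential", "literal bind password stored in the config file"))
    return findings
```

Run against the posted options, it reports the baseFilter value (a DN fragment rather than a filter), the cleartext simple bind, and the literal bindCredential.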