[jboss-jira] [JBoss JIRA] (AS7-3197) username-attribute may not be null in ldap security realm
Yves Peter (Updated) (JIRA)
jira-events at lists.jboss.org
Thu Jan 5 02:41:09 EST 2012
[ https://issues.jboss.org/browse/AS7-3197?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yves Peter updated AS7-3197:
----------------------------
Affects Version/s: 7.1.0.CR1
Description:
I tried the new JBoss 7.1 CR1 and get a strange error with this configuration that used to work in Beta1b:
{code:xml}
<management>
<security-realms>
<security-realm name="PropertiesMgmtSecurityRealm">
<authentication>
<properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" />
</authentication>
</security-realm>
<security-realm name="LDAPMgmtSecurityRealm">
<authentication>
<ldap connection="ldap_connection" recursive="true" base-dn="OU=yellow-Acc,DC=uyellow,DC=yellowcorp,DC=test">
<advanced-filter filter="(&(sAMAccountName={0})(memberOf=CN=AJBOSSSUPER,OU=Groups,OU=yellow-Acc,DC=uyellow,DC=yellowcorp,DC=test))" />
</ldap>
</authentication>
</security-realm>
</security-realms>
<outbound-connections>
<ldap name="ldap_connection" url=//addc01.uyellow.yellowcorp.test" search-dn="CN=User,OU=Service-Accounts,OU=yellow-Acc,DC=uyellow,DC=yellowcorp,DC=test"
search-credential="pw" />
</outbound-connections>
<management-interfaces>
<native-interface security-realm="PropertiesMgmtSecurityRealm">
<socket-binding native="management-native" />
</native-interface>
<http-interface security-realm="LDAPMgmtSecurityRealm">
<socket-binding http="management-http" />
</http-interface>
</management-interfaces>
</management>
{code}
Error:
{noformat}
16:26:24,923 INFO [org.jboss.modules] JBoss Modules version 1.1.0.CR6
16:26:25,635 INFO [org.jboss.msc] JBoss MSC version 1.0.1.GA
16:26:25,719 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" starting
16:26:27,402 ERROR [org.jboss.as.controller.management-operation] Operation ("add") failed - address: ([
("core-service" => "management"),
("security-realm" => "LDAPMgmtSecurityRealm"),
("authentication" => "ldap")
]) - failure description: "JBAS014746: username-attribute may not be null"
16:26:27,407 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" started in 2859ms - Started 19 of 20 services (1 services are passive or on-demand)
16:29:42,092 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" stopped in 9ms
{noformat}
It used to work in the 7.1 Beta. I validated my xml and it seams to be valid.
was:
I tried the new JBoss 7.1 CR1 and get a strange error with this configuration that used to work in Beta1b:
<management>
<security-realms>
<security-realm name="PropertiesMgmtSecurityRealm">
<authentication>
<properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" />
</authentication>
</security-realm>
<security-realm name="LDAPMgmtSecurityRealm">
<authentication>
<ldap connection="ldap_connection" recursive="true" base-dn="OU=yellow-Acc,DC=uyellow,DC=yellowcorp,DC=test">
<advanced-filter filter="(&(sAMAccountName={0})(memberOf=CN=AJBOSSSUPER,OU=Groups,OU=yellow-Acc,DC=uyellow,DC=yellowcorp,DC=test))" />
</ldap>
</authentication>
</security-realm>
</security-realms>
<outbound-connections>
<ldap name="ldap_connection" url=//addc01.uyellow.yellowcorp.test" search-dn="CN=User,OU=Service-Accounts,OU=yellow-Acc,DC=uyellow,DC=yellowcorp,DC=test"
search-credential="pw" />
</outbound-connections>
<management-interfaces>
<native-interface security-realm="PropertiesMgmtSecurityRealm">
<socket-binding native="management-native" />
</native-interface>
<http-interface security-realm="LDAPMgmtSecurityRealm">
<socket-binding http="management-http" />
</http-interface>
</management-interfaces>
</management>
Error:
16:26:24,923 INFO [org.jboss.modules] JBoss Modules version 1.1.0.CR6
16:26:25,635 INFO [org.jboss.msc] JBoss MSC version 1.0.1.GA
16:26:25,719 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" starting
16:26:27,402 ERROR [org.jboss.as.controller.management-operation] Operation ("add") failed - address: ([
("core-service" => "management"),
("security-realm" => "LDAPMgmtSecurityRealm"),
("authentication" => "ldap")
]) - failure description: "JBAS014746: username-attribute may not be null"
16:26:27,407 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" started in 2859ms - Started 19 of 20 services (1 services are passive or on-demand)
16:29:42,092 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" stopped in 9ms
It used to work in the 7.1 Beta. I validated my xml and it seams to be valid.
Component/s: Security
Forum Reference: http://community.jboss.org/message/644649#644649 (was: http://community.jboss.org/message/644649#644649)
> username-attribute may not be null in ldap security realm
> ---------------------------------------------------------
>
> Key: AS7-3197
> URL: https://issues.jboss.org/browse/AS7-3197
> Project: Application Server 7
> Issue Type: Bug
> Components: Security
> Affects Versions: 7.1.0.CR1
> Reporter: Yves Peter
>
> I tried the new JBoss 7.1 CR1 and get a strange error with this configuration that used to work in Beta1b:
> {code:xml}
> <management>
> <security-realms>
> <security-realm name="PropertiesMgmtSecurityRealm">
> <authentication>
> <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" />
> </authentication>
> </security-realm>
> <security-realm name="LDAPMgmtSecurityRealm">
> <authentication>
> <ldap connection="ldap_connection" recursive="true" base-dn="OU=yellow-Acc,DC=uyellow,DC=yellowcorp,DC=test">
> <advanced-filter filter="(&(sAMAccountName={0})(memberOf=CN=AJBOSSSUPER,OU=Groups,OU=yellow-Acc,DC=uyellow,DC=yellowcorp,DC=test))" />
> </ldap>
> </authentication>
> </security-realm>
> </security-realms>
> <outbound-connections>
> <ldap name="ldap_connection" url=//addc01.uyellow.yellowcorp.test" search-dn="CN=User,OU=Service-Accounts,OU=yellow-Acc,DC=uyellow,DC=yellowcorp,DC=test"
> search-credential="pw" />
> </outbound-connections>
> <management-interfaces>
> <native-interface security-realm="PropertiesMgmtSecurityRealm">
> <socket-binding native="management-native" />
> </native-interface>
> <http-interface security-realm="LDAPMgmtSecurityRealm">
> <socket-binding http="management-http" />
> </http-interface>
> </management-interfaces>
> </management>
> {code}
> Error:
> {noformat}
> 16:26:24,923 INFO [org.jboss.modules] JBoss Modules version 1.1.0.CR6
> 16:26:25,635 INFO [org.jboss.msc] JBoss MSC version 1.0.1.GA
> 16:26:25,719 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" starting
> 16:26:27,402 ERROR [org.jboss.as.controller.management-operation] Operation ("add") failed - address: ([
> ("core-service" => "management"),
> ("security-realm" => "LDAPMgmtSecurityRealm"),
> ("authentication" => "ldap")
> ]) - failure description: "JBAS014746: username-attribute may not be null"
> 16:26:27,407 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" started in 2859ms - Started 19 of 20 services (1 services are passive or on-demand)
> 16:29:42,092 INFO [org.jboss.as] JBoss AS 7.1.0.CR1b "Flux Capacitor" stopped in 9ms
> {noformat}
> It used to work in the 7.1 Beta. I validated my xml and it seams to be valid.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list