[jboss-jira] [JBoss JIRA] (AS7-6414) Management Console - LDAP authentication fails

narayana b (JIRA) jira-events at lists.jboss.org
Fri Feb 8 06:06:51 EST 2013 

    [ https://issues.jboss.org/browse/AS7-6414?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12752977#comment-12752977 ] 

narayana b commented on AS7-6414:
---------------------------------

Hi,

1) The module is E:\jboss\jboss-as-7.1.1.Final\modules\org\jboss\com\sun\httpserver

2) added  [Dependency fullfilled in module.xml for "org.jboss.as.server:main"]
3) addded [Dependency fullfilled in module.xml for "org.jboss.com.sun.net.httpserver.Filter$Chain"]
Now i dont see those previous errors but management ldap console fails
[401  Unauthorized]



Part of TRACE level log
---------------
16:27:59,736 TRACE [org.jboss.modules] (HttpManagementService-threads - 2) Finding local class org.jboss.as.domain.http.server.security.BasicAuthenticator from Module "org.jboss.as.domain-http-interface:main" from local module loader @d3d6f (roots: E:\jboss\jboss-as-7.1.1.Final\modules)
16:27:59,736 TRACE [org.jboss.modules] (HttpManagementService-threads - 2) Found previously loaded class org.jboss.as.domain.http.server.security.BasicAuthenticator from Module "org.jboss.as.domain-http-interface:main" from local module loader @d3d6f (roots: E:\jboss\jboss-as-7.1.1.Final\modules)
16:27:59,736 TRACE [org.jboss.modules] (HttpManagementService-threads - 2) Finding class org.jboss.com.sun.net.httpserver.BasicAuthenticator from Module "org.jboss.as.server:main" from local module loader @d3d6f (roots: E:\jboss\jboss-as-7.1.1.Final\modules)
16:27:59,736 TRACE [org.jboss.modules] (HttpManagementService-threads - 2) Finding local class org.jboss.com.sun.net.httpserver.BasicAuthenticator from Module "org.jboss.com.sun.httpserver:main" from local module loader @d3d6f (roots: E:\jboss\jboss-as-7.1.1.Final\modules)
16:27:59,736 TRACE [org.jboss.modules] (HttpManagementService-threads - 2) Found previously loaded class org.jboss.com.sun.net.httpserver.BasicAuthenticator from Module "org.jboss.com.sun.httpserver:main" from local module loader @d3d6f (roots: E:\jboss\jboss-as-7.1.1.Final\modules)
16:27:59,720 DEBUG [org.jboss.as.domain.http.api] (HttpManagementService-threads - 2) Callback handle failed.: java.io.IOException: JBAS015220: Unable to perform verification
	at org.jboss.as.domain.management.security.UserLdapCallbackHandler.handle(UserLdapCallbackHandler.java:220) [jboss-as-domain-management-7.1.1.Final.jar:7.1.1.Final]
	at org.jboss.as.domain.http.server.security.AuthenticationProvider$1.handle(AuthenticationProvider.java:80) [jboss-as-domain-http-interface-7.1.1.Final.jar:7.1.1.Final]
	at org.jboss.as.domain.http.server.security.BasicAuthenticator.checkCredentials(BasicAuthenticator.java:135) [jboss-as-domain-http-interface-7.1.1.Final.jar:7.1.1.Final]
	at org.jboss.com.sun.net.httpserver.BasicAuthenticator.authenticate(BasicAuthenticator.java:77) [httpserver-1.0.0.Final.jar:1.0.0.Final]
	at org.jboss.as.domain.http.server.security.BasicAuthenticator._authenticate(BasicAuthenticator.java:102) [jboss-as-domain-http-interface-7.1.1.Final.jar:7.1.1.Final]
	at org.jboss.as.domain.http.server.security.BasicAuthenticator.authenticate(BasicAuthenticator.java:79) [jboss-as-domain-http-interface-7.1.1.Final.jar:7.1.1.Final]
	at org.jboss.sun.net.httpserver.AuthFilter.doFilter(AuthFilter.java:64) [httpserver-1.0.0.Final.jar:1.0.0.Final]
	at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:81) [httpserver-1.0.0.Final.jar:1.0.0.Final]
	at org.jboss.sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(ServerImpl.java:710) [httpserver-1.0.0.Final.jar:1.0.0.Final]
	at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:78) [httpserver-1.0.0.Final.jar:1.0.0.Final]
	at org.jboss.as.domain.http.server.RealmReadinessFilter.doFilter(RealmReadinessFilter.java:54) [jboss-as-domain-http-interface-7.1.1.Final.jar:7.1.1.Final]
	at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:81) [httpserver-1.0.0.Final.jar:1.0.0.Final]
	at org.jboss.sun.net.httpserver.ServerImpl$Exchange.run(ServerImpl.java:682) [httpserver-1.0.0.Final.jar:1.0.0.Final]
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_17]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_17]
	at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_17]
	at org.jboss.threads.JBossThread.run(JBossThread.java:122) [jboss-threads-2.0.0.GA.jar:2.0.0.GA]
Caused by: java.io.IOException: JBAS015231: User 'jboss' not found in directory.
	at org.jboss.as.domain.management.security.UserLdapCallbackHandler.handle(UserLdapCallbackHandler.java:193) [jboss-as-domain-management-7.1.1.Final.jar:7.1.1.Final]
	... 16 more

16:27:59,752 FINE  [com.sun.net.httpserver] (HttpManagementService-threads - 2) POST /management HTTP/1.1 [401  Unauthorized] ()

                
> Management Console - LDAP authentication fails
> ----------------------------------------------
>
>                 Key: AS7-6414
>                 URL: https://issues.jboss.org/browse/AS7-6414
>             Project: Application Server 7
>          Issue Type: Bug
>         Environment: JBoss 7.1.1 on windows xp 32 / jboss 7.1.2 on cent os 6.3, x86_64, standalone.xml
>            Reporter: narayana b
>            Assignee: Darran Lofthouse
>
> 1) security realms
> 	<!-- nari start -->
> 			<security-realm name="my_Ldap_Realm">
>                 <authentication>
> 			        <ldap connection="my_Ldap_Connection" base-dn="dc=example,dc=com">
> 					     <username-filter attribute="sAMAccountName"/>
> 						 <!--
> 						 <advanced-filter filter="(sAMAccountName={0})"/> -->
> 					</ldap>
>                 </authentication>
>             </security-realm>
> 			<!-- nari end -->
> 2) outbound connections
> <!--nari start -->
> 		 <outbound-connections>
> 			<ldap  name="my_Ldap_Connection" 
>                 url="ldap://localhost:10389/" 
>                 search-dn="cn=jboss,ou=People,dc=example,dc=com" search-credential="admin123" /> 
> 		 </outbound-connections>
> 		<!--nari  end -->
> 3) Management console info config
>    <!-- nari -->
>             <native-interface security-realm="my_Ldap_Realm">
>                 <socket-binding native="management-native"/>
>             </native-interface>
>             <http-interface security-realm="my_Ldap_Realm">
> 			    <socket-binding http="management-http"/>
> 				<!-- nari disabled [http] and enabled [https]
> 				<socket-binding https="management-console-https"/> -->
> 				
>             </http-interface>
> 			<!-- nari end -->

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list