[jboss-user] [JBoss Portal] - Failing to login using LDAP UserModule

maph2880 do-not-reply at jboss.com
Sun Apr 22 21:36:22 EDT 2007


I am trying to configure LDAP for JBoss Portal BETA1.  I am attempting to log in, but the site returns a generic login exception when using valid credentials.  There are no exceptions generated in the log.

I have configured per the instructions at..

http://cruisecontrol.jboss.com/cc/artifacts/jboss-portal-latest-doc/referenceGuide/html/ldap.html

I am using the LDAPUserModuleImpl user module.  For the user module, I have specified the common properties for userCtxDN and uidAttributeID.  For the Role and Membership modules, I am using DB.  I have the server configured to use MySQL.  (When I use the DB-specific user module, I can log in using user credentials from the DB, so the DB is configured correctly.)  In the DB, the user mpetteys is assigned the roles for Admin and User.

When I attempt a login, I see the following messages are logged..

2007-04-22 07:34:13,680 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] Authenticating username 'mpetteys'
2007-04-22 07:34:13,686 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModuleImpl] findUserByUserName(): username = mpetteys
2007-04-22 07:34:13,686 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModuleImpl] Search filter: (uid=mpetteys)
2007-04-22 07:34:13,686 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModuleImpl] Search filter: (uid=mpetteys)
2007-04-22 07:34:13,705 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModule] user uid: cn=Matt Petteys,ou=people,dc=yellowguppy,dc=com
2007-04-22 07:34:13,705 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModule] user dn: cn=Matt Petteys,ou=people,dc=yellowguppy,dc=com
2007-04-22 07:34:13,715 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModuleImpl] findUserByUserName(): username = mpetteys
2007-04-22 07:34:13,715 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModuleImpl] Search filter: (uid=mpetteys)
2007-04-22 07:34:13,715 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModuleImpl] Search filter: (uid=mpetteys)
2007-04-22 07:34:13,736 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModule] user uid: cn=Matt Petteys,ou=people,dc=yellowguppy,dc=com
2007-04-22 07:34:13,736 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModule] user dn: cn=Matt Petteys,ou=people,dc=yellowguppy,dc=com
2007-04-22 07:34:13,739 DEBUG [org.apache.catalina.core.ApplicationDispatcher] servletPath=/error.jsp, pathInfo=null, queryString=null, name=null
2007-04-22 07:34:13,739 DEBUG [org.apache.catalina.core.ApplicationDispatcher]  Path Based Forward
2007-04-22 07:34:13,740 DEBUG [org.apache.jasper.servlet.JspServlet] JspEngine --> /error.jsp
2007-04-22 07:34:13,740 DEBUG [org.apache.jasper.servlet.JspServlet]         ServletPath: /error.jsp
2007-04-22 07:34:13,740 DEBUG [org.apache.jasper.servlet.JspServlet]            PathInfo: null
2007-04-22 07:34:13,740 DEBUG [org.apache.jasper.servlet.JspServlet]            RealPath: /opt/jboss-portal-2.6-BETA1/server/default/./deploy/jboss-portal.sar/portal-server.war/error.jsp
2007-04-22 07:34:13,740 DEBUG [org.apache.jasper.servlet.JspServlet]          RequestURI: /portal/error.jsp
2007-04-22 07:34:13,740 DEBUG [org.apache.jasper.servlet.JspServlet]         QueryString: null

I see valid bind requests for LDAP, but there are no queries sent to MySQL to look up role associations.  There is no apparent reason why the authentication fails.  Any ideas..?

The only weirdness that I have found in the error messages..

007-04-22 07:34:13,736 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModule] user uid: cn=Matt Petteys,ou=people,dc=yellowguppy,dc=com
2007-04-22 07:34:13,736 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModule] user dn: cn=Matt Petteys,ou=people,dc=yellowguppy,dc=com

My LDAP entries look something like..

# Matt Petteys, people, yellowguppy.com
dn: cn=Matt Petteys,ou=people,dc=yellowguppy,dc=com
sn: Petteys
givenName: Matt
cn: Matt Petteys
gecos: Matt Petteys
uid: mpetteys
userPassword:: xxxxx=

As you can see, I suspect the uid value should be mpetteys..  This appears to be caused by..

http://anonsvn.jboss.org/repos/portal/tags/JBoss_Portal_2_6_0_BETA1/identity/src/main/org/jboss/portal/identity/ldap/LDAPUserModule.java

Note in..  LDAPUserImpl createUserInstance(Attributes attrs, String dn)

The LDAPUserImpl is initialized using the dn in the third parameter, which represents the uid..

ldapu = new LDAPUserImpl(dn,getIdentityContext(), dn);

There is a commented out initializer using the uid attribute in this function..

//ldapu = new LDAPUserImpl(dn,getIdentityContext(), uida.get().toString());

I don't know if this is related..?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4039666#4039666
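
The mismatch the post suspects, as an added example that is not part of the original post or of the JBoss Portal code base: it contrasts the user name produced by the active constructor call (the DN) with the one the commented-out call would produce (the uid attribute value), using the entry shown above. The class, its methods and the DB_ROLES map are hypothetical, and the assumption that role membership is keyed by the login name is not confirmed by the post.

```java
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import java.util.List;
import java.util.Map;

public class UidVsDnDemo {
    // Hypothetical stand-in for the DB membership data, assumed to be keyed by login name.
    static final Map<String, List<String>> DB_ROLES =
            Map.of("mpetteys", List.of("Admin", "User"));

    // Mirrors the active line in the post: the DN is passed where the uid is expected.
    static String nameFromDn(String dn) {
        return dn;
    }

    // Mirrors the commented-out line: the value of the configured uid attribute is used.
    static String nameFromUid(Attributes attrs, String uidAttributeID) throws NamingException {
        Attribute uida = attrs.get(uidAttributeID);
        if (uida == null || uida.size() == 0) {
            // An entry without the uid attribute must fail loudly, not fall back to the DN.
            throw new NamingException("entry has no '" + uidAttributeID + "' attribute");
        }
        return uida.get().toString();
    }

    // Role lookup by user name; an unknown name yields no roles.
    static List<String> rolesFor(String userName) {
        return DB_ROLES.getOrDefault(userName, List.of());
    }

    public static void main(String[] args) throws NamingException {
        // Constructed from the LDAP entry quoted in the post.
        String dn = "cn=Matt Petteys,ou=people,dc=yellowguppy,dc=com";
        Attributes attrs = new BasicAttributes(true); // attribute IDs are case-insensitive
        attrs.put("cn", "Matt Petteys");
        attrs.put("sn", "Petteys");
        attrs.put("uid", "mpetteys");

        String typedAtLogin = "mpetteys"; // the name FormAuthenticator logged
        String[] candidates = { nameFromDn(dn), nameFromUid(attrs, "uid") };
        for (String name : candidates) {
            System.out.printf("name=%s matchesLogin=%b roles=%s%n",
                    name, name.equals(typedAtLogin), rolesFor(name));
        }
    }
}
```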
