[jboss-user] [Security & JAAS/JBoss] - Authentication failing

mahamood_ahmed do-not-reply at jboss.com
Thu Feb 8 17:45:38 EST 2007 

Hi,

My requirement is 

1. Authentication will be done using by Jboss server using Active Directory.
2. I just want to check for user authentication not roles.

So i did the following things .

1. File Name - login-config.xml I made the following entry.

<application-policy name="HMActiveDirecotry">

<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
		  		<module-option name="java.naming.provider.url">ldap://indi.dev.dom:389/</module-option> 
                                <module-option name="java.naming.security.authentication">simple</module-option>
				<module-option name="java.naming.security.principal">sAMAccountName</module-option>                    
  			</login-module>
	  
	</application-policy>


2. Then in Jboss-web.xml i made the following entry.

<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
  <security-domain>java:/jaas/HMActiveDirecotry</security-domain>
  <context-root>/HMActiveDirecotry</context-root>
</jboss-web>


3.In web.xml this is what i did

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
        <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
	<welcome-file>
            login.jsp
        </welcome-file>
    </welcome-file-list>
    
    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/Welcome.jsp</form-login-page>
            <form-error-page>/login_error.jsp</form-error-page>
        </form-login-config>
    </login-config>
    
    <security-constraint> 
        <web-resource-collection>
            <web-resource-name>Secure Content</web-resource-name> 
            <url-pattern>/restricted/*</url-pattern>
        </web-resource-collection>  
        <!--
        <auth-constraint>
            <role-name>*</role-name> 
        </auth-constraint>
        -->
    </security-constraint> 
    
</web-app>


4.My login page is.


        <h1>Login Page</h1>
           User Name 
            Password 
            
    

This all i did when i try to access by providing user credential it is going to Error page only . Please give me your idea what is wrong in this code.

Thanking you all

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4013305#4013305

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4013305

More information about the jboss-user mailing list