[jboss-user] [JBoss Portal] - Re: HOWTO: Replace portal authentication and authorization

dleerob do-not-reply at jboss.com
Tue Feb 13 01:17:12 EST 2007


I had some issues when enabling LDAP authentication using JBoss Portal 2.4.1. The authentication worked, but the securities did not. This is what I ended up doing. Maybe it will help you in some way:

- I downloaded the source (2.4.1) so I could build the JBoss Portal myself. 
- I DID NOT enable LDAP authenitcation and used the standard setup that comes with JBoss Portal. 
- I created all the users I wanted in JBoss Portal the usual way, all with the same password, for example, "mypassword", but made sure that each username corresponded to the user name in my LDAP directory. 
- I downloaded the JLdap library from www.openldap.org. 
- I put the jar file in the portal lib directory. 
- I added the jar file to jboss-portal-2.4.1-src\thirdparty. 
- Added the classpath to jboss-portal-2.4.1-src\identity\build.xml. 
- I edited jboss-portal-2.4.1-src\identity\src\main\org\jboss\portal\identity\auth\IdentityLoginModule in the JBoss Portal source code and added my own LDAPAuthentication method. 
- In IdentityLoginModule, I edited the method validatePassword, and at the top of it, I called my LDAPAuthentication method with the supplied username and password, which then returned true if LDAP authenitcation passed, or false if it failed. If true was returned, I changed the supplied password to "mypassword" in validatePassword method, otherwise I changed it to "incorrect" or some other incorrect string. Now the rest of validatePassword method continues normally, and will login the user locally if they used their correct LDAP password. 
- I built the portal source from scratch, and my customized LDAP authentication worked perfectly. 

A workaround I know, but it works, and hopefully will help someone else. 
When JBoss Portal 2.6 is stable, I will upgrade to that, and all of this will probably fall away

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4015615#4015615

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4015615



More information about the jboss-user mailing list