[jboss-user] [Security & JAAS/JBoss] - Re: Active Directory and LdapExtLoginModule?
do-not-reply at jboss.com
Wed Mar 7 23:11:31 EST 2007
Well, I'm assuming you have a security group called AuthUserRole, and have placed the user you are authenticating into that security group. I'm also assuming you are using LdapExtLoginModule, and that the security group is located in the search path defined by:
| <module-option name="rolesCtxDN">DC=company,DC=com</module-option>
Also, make sure that you are recursively searching for those folders, if the security group is not located in your root context. i.e.:
| <module-option name="roleRecursion">0</module-option>
Also, do not try to authorize based on the user's primary group, as Microsoft won't respond with that attribute (see my post above).
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4026106#4026106
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4026106
More information about the jboss-user