[jboss-user] [Security & JAAS/JBoss] - Re: Active Directory and LdapExtLoginModule?

Neelixx do-not-reply at jboss.com
Wed Mar 7 23:11:31 EST 2007

Well, I'm assuming you have a security group called AuthUserRole, and have placed the user you are authenticating into that security group.  I'm also assuming you are using LdapExtLoginModule, and that the security group is located in the search path defined by:

  |  <module-option name="rolesCtxDN">DC=company,DC=com</module-option> 

Also, make sure that you are recursively searching for those folders, if the security group is not located in your root context.  i.e.:

  |  <module-option name="roleRecursion">0</module-option> 

Also, do not try to authorize based on the user's primary group, as Microsoft won't respond with that attribute (see my post above).

Good Luck!

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4026106#4026106

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4026106

More information about the jboss-user mailing list