[jboss-user] [JBoss Portal] - Re: LDAP Authentication & Authorization to eDirectory

arnieAustin do-not-reply at jboss.com
Wed May 23 11:00:50 EDT 2007 

Well, THAT was an exercise in futility! :) No change what so ever. I did notice that the ant builds were creating the sar and wars as ZIP files. So I unzipped the jboss-portal.sar file to a folder in the ./deploy folder. Then I placed the other wars into the .sar folder. Note that I simply removed the old jboss-portal.sar folder for the new one, in the same jboss-as installation that originally came w/t bundle.

After reconfiguring the \jboss-portal.sar\conf\identity\ldap_identity-config.xml file, was able to boot the server. To no avail. 

I do see:
09:39:40,687 ERROR [LDAPUserProfileModuleImpl] No such attribute ('seeAlso') in entry: cn=admin,ou=APPS,ou=PEOPLE,o=IDV

Now, I can't speak to other LDAP servers, but in the case of Novell eDirectory, the seeAlso attribute is a list of DNs, not a text field. Is that what the ProfileModuleImp class is expecting? Can I map it to some other field? Say, description - which is a multivalued caseIgnoreString?

The log file shows:


  | 2007-05-23 09:39:30,187 DEBUG [org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] findUserByUserName(): username = admin
  | 2007-05-23 09:39:30,187 DEBUG [org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (cn={0})
  | 2007-05-23 09:39:30,187 DEBUG [org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (cn={0})
  | 2007-05-23 09:39:30,187 DEBUG [org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filterArg: {0}: admin
  | 2007-05-23 09:39:30,187 DEBUG [org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search ctx: ou=People,o=idv
  | 2007-05-23 09:39:30,187 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModule] user uid: cn=admin,ou=APPS,ou=PEOPLE,o=IDV
  | 2007-05-23 09:39:30,187 DEBUG [org.jboss.portal.identity.ldap.LDAPUserModule] user dn: cn=admin,ou=APPS,ou=PEOPLE,o=IDV
  | 2007-05-23 09:39:30,203 DEBUG [org.jboss.portal.identity.ldap.LDAPStaticRoleMembershipModuleImpl] findRoles(): role = cn=admin,ou=APPS,ou=PEOPLE,o=IDV
  | 
  | 
  | I must have something misconfigured because if I read this right, findRoles() will never find anything like cn=admin,ou=APPS,ou=PEOPLE,o=IDV  since that's a user object, not a group object!
  | 

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4047935#4047935

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4047935

More information about the jboss-user mailing list