[jboss-user] [JNDI/Naming/Network] - Re: LdapLoginModule talking to microsoft adam
rbartig
do-not-reply at jboss.com
Thu Oct 25 16:45:34 EDT 2007
I finally figured it out and thought I'd post what I found in case someone else has the same issue. Turned on the trace in JBoss and read through the LdapLoginModule source code. The user I was trying to log in with wasn't in the Administrators or Readers role. Doesn't even matter if they're in the Users role. Think I'm going to use LdapExtLoginModule instead. Not sure if this is a parameter that can be turned off because I couldn't find any detailed documentation on ADAM.
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.provider.url">ldap://localhost:389/</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="principalDNPrefix">CN=</module-option>
<module-option name="principalDNSuffix">,O=my.org</module-option>
<module-option name="rolesCtxDN">O=my.org</module-option>
<module-option name="roleAttributeID">CN</module-option>
<module-option name="uidAttributeID">member</module-option>
<module-option name="roleAttributeIsDN">false</module-option>
<module-option name="roleNameAttributeID">name</module-option>
<module-option name="allowEmptyPasswords">false</module-option>
<module-option name="matchOnUserDN">true</module-option>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4099009#4099009
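
Added example, not part of the original post and not JBoss code: a Python sketch of how LdapLoginModule uses the options above, showing that the role search runs over the connection bound as the logging-in user, so that user needs read access to the directory. The username "jdoe" is constructed, and the defaults "uid" and "roles" are assumptions for options the post does not set.

```python
import xml.etree.ElementTree as ET

# Module options copied from the post above (only those used for the lookup).
OPTIONS_XML = """
<module-option name="java.naming.provider.url">ldap://localhost:389/</module-option>
<module-option name="principalDNPrefix">CN=</module-option>
<module-option name="principalDNSuffix">,O=my.org</module-option>
<module-option name="rolesCtxDN">O=my.org</module-option>
<module-option name="roleAttributeID">CN</module-option>
<module-option name="uidAttributeID">member</module-option>
<module-option name="matchOnUserDN">true</module-option>
"""

def parse_options(fragment):
    """Return {name: value} for a run of <module-option> elements."""
    root = ET.fromstring("<options>" + fragment + "</options>")
    return {o.get("name"): (o.text or "").strip() for o in root.iter("module-option")}

def escape_filter_value(value):
    """Escape an assertion value for an LDAP search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def role_lookup(options, username):
    """Describe the bind and the role search made for one login attempt."""
    # The bind DN is plain concatenation: prefix + username + suffix.
    user_dn = (options.get("principalDNPrefix", "") + username
               + options.get("principalDNSuffix", ""))
    match_on_dn = options.get("matchOnUserDN", "false").lower() == "true"
    match = user_dn if match_on_dn else username
    uid_attr = options.get("uidAttributeID", "uid")        # assumed default
    return {
        "url": options["java.naming.provider.url"],
        "bind_dn": user_dn,  # the role search reuses this user's connection
        "search_base": options["rolesCtxDN"],
        "filter": "(%s=%s)" % (uid_attr, escape_filter_value(match)),
        "attributes": [options.get("roleAttributeID", "roles")],  # assumed default
    }

if __name__ == "__main__":
    # "jdoe" is a constructed sample username.
    for key, value in role_lookup(parse_options(OPTIONS_XML), "jdoe").items():
        print("%-12s %s" % (key, value))
```

Running the printed search with any LDAP client bound as the same user shows whether that account can read the group entries under rolesCtxDN; if it cannot, the login yields no roles even though the password is correct.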