[jboss-user] [Security & JAAS/JBoss] - GSSAPI - AUTHENTICATION

[marcello1975]

HI,

I AM USING ACTIVE DIRECTORY TO AUTHENTICATE MY APPLICATION USERS.

I PUT LOGIN CONFIGURATION ON LOGIN-CONFIG.XML AND I AM USING LdapExtLoginModule AS BELLOW.

<application-policy name="AD">

<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="sufficient">
<module-option name="java.naming.provider.url">ldap://srvspfs.softtek.com.br:389/</module-option>
<module-option name="java.naming.security.authentication">GSSAPI</module-option>
<module-option name="bindDN">cn=Wellington de Oliveira Ferro,ou=GASS,ou=SP,dc=softtek,dc=com,dc=br</module-option>
<module-option name="bindCredential">Turbo43!</module-option>
<module-option name="baseCtxDN">dc=softtek,dc=com,dc=br</module-option>
<module-option name="rolesCtxDN">ou=SP,dc=softtek,dc=com,dc=br</module-option>
<module-option name="baseFilter">(sAMAccountName={0})</module-option>
<module-option name="roleFilter">(member={1})</module-option>
</login-module>
</application-policy>

WHEN I AM USING java.naming.security.authentication AS simple, THERE IS NO PROBLEM. THE APPLICATION AUTHENTICATE OK.

BUT WHEN I TRY TO CHANGE THIS FOR SOME ENCRYPTED AND SAFE SECURITY LIKE (GSSAPI OR Digest-MD5) IT SIMPLY DOESNT WORK.

ANYBODY KNOWS HOW TO PUT IT WORKING?
THE MISSION IS TO GUARANTEE SAFE COMUNICATION BETWEEN JBOSS/JASS AND ACTIVE DIRECTORY.

THE LAST EXCEPTION IS:
Caused by: javax.security.auth.login.LoginException: Missing users.properties file.
BUT I AM NOT USING users.properties... i am going to autheticate in ldap server!!! 

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4136290#4136290

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4136290