[jboss-user] [Security & JAAS/JBoss] - GSSAPI - AUTHENTICATION
marcello1975
do-not-reply at jboss.com
Thu Mar 13 09:55:29 EDT 2008
HI,
I AM USING ACTIVE DIRECTORY TO AUTHENTICATE MY APPLICATION USERS.
I PUT LOGIN CONFIGURATION ON LOGIN-CONFIG.XML AND I AM USING LdapExtLoginModule AS BELLOW.
<application-policy name="AD">
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="sufficient">
<module-option name="java.naming.provider.url">ldap://srvspfs.softtek.com.br:389/</module-option>
<module-option name="java.naming.security.authentication">GSSAPI</module-option>
<module-option name="bindDN">cn=Wellington de Oliveira Ferro,ou=GASS,ou=SP,dc=softtek,dc=com,dc=br</module-option>
<module-option name="bindCredential">Turbo43!</module-option>
<module-option name="baseCtxDN">dc=softtek,dc=com,dc=br</module-option>
<module-option name="rolesCtxDN">ou=SP,dc=softtek,dc=com,dc=br</module-option>
<module-option name="baseFilter">(sAMAccountName={0})</module-option>
<module-option name="roleFilter">(member={1})</module-option>
</login-module>
</application-policy>
WHEN I AM USING java.naming.security.authentication AS simple, THERE IS NO PROBLEM. THE APPLICATION AUTHENTICATE OK.
BUT WHEN I TRY TO CHANGE THIS FOR SOME ENCRYPTED AND SAFE SECURITY LIKE (GSSAPI OR Digest-MD5) IT SIMPLY DOESNT WORK.
ANYBODY KNOWS HOW TO PUT IT WORKING?
THE MISSION IS TO GUARANTEE SAFE COMUNICATION BETWEEN JBOSS/JASS AND ACTIVE DIRECTORY.
THE LAST EXCEPTION IS:
Caused by: javax.security.auth.login.LoginException: Missing users.properties file.
BUT I AM NOT USING users.properties... i am going to autheticate in ldap server!!!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4136290#4136290
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4136290
More information about the jboss-user
mailing list