[jboss-user] [Security & JAAS/JBoss] - Passing LDAP-authenticated users from Apache to JBoss
do-not-reply at jboss.com
Wed Feb 18 13:44:08 EST 2009
[Was looking for a way to transfer this post from another forum, but couldn't, so pasting here anyway. Apologies for those reading this twice :(]
I was hoping to get your insights. I am trying to migrate an Apache+LDAP+Tomcat application to an Apache+LDAP+JBoss set-up.
Authentication is done by Apache via LDAP for protected resources. While it works fine for the existing Tomcat set-up, on my JBoss set-up, it does not work; server.log shows nullpointer exceptions because it is not able to pick up the user that just logged in. I can confirm via Apache's logs that LDAP authentication is happening correctly, but looking at the JBoss request dumper logs, I observe that remoteuser=null. Other parameters have values in them, such as request uri, header referer, remoteaddr, servletpath, etc.
Now since I am not a developer, I am not sure if picking up the username from the Apache request should be done programatically, or if I am missing something in the JBoss configuration.
Apache 2.0.63, JBossAS4.2.3GA, mod_jk1.2.27
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4211242#4211242
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4211242
More information about the jboss-user