[jboss-user] [Security & JAAS/JBoss] - Passing LDAP-authenticated users from Apache to JBoss

dan957 do-not-reply at jboss.com
Wed Feb 18 13:44:08 EST 2009

Hi Everyone,

[Was looking for a way to transfer this post from another forum, but couldn't, so pasting here anyway.  Apologies for those reading this twice :(]

I was hoping to get your insights.  I am trying to migrate an Apache+LDAP+Tomcat application to an Apache+LDAP+JBoss set-up.  

Authentication is done by Apache via LDAP for protected resources.  While it works fine for the existing Tomcat set-up, on my JBoss set-up, it does not work; server.log shows nullpointer exceptions because it is not able to pick up the user that just logged in.  I can confirm via Apache's logs that LDAP authentication is happening correctly, but looking at the JBoss request dumper logs, I observe that remoteuser=null.  Other parameters have values in them, such as request uri, header referer, remoteaddr, servletpath, etc.

Now since I am not a developer, I am not sure if picking up the username from the Apache request should be done programatically, or if I am missing something in the JBoss configuration.

Apache 2.0.63, JBossAS4.2.3GA, mod_jk1.2.27

Kind regards,

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4211242#4211242

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4211242

More information about the jboss-user mailing list