[jboss-user] [Security] - Microsoft Active Directory as LDAP with JBoss v5.1.0

DamonChong do-not-reply at jboss.com
Thu Nov 12 08:32:35 EST 2009


Hi,

Sorry, not sure if this belongs here or in Seam forum, please advise. I am having abit of a problem trying to use AD as LDAP in my JAAS config while using the latest Seam 2.2 framework. Wonder if anyone has tried the following.

In the jboss-app.xml file, I have:


  |    <module>               
  |      <service>META-INF/ActiveDirectory-login-service.xml</service>
  |    </module>
  | 

I place the ActiveDirectory-login-service.xml file in my EAR directory in the JBoss deploy folder as follows: deploy/TestProject.ear/META-INF/ directory. In this directory is the application.xml and jboss-app.xml files as well.

The ActiveDirectory-login-service.xml file contains:


  | <?xml version="1.0" encoding="UTF-8"?>
  | <server>
  |     <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
  |            name="MyCompany:service=DynamicLoginConfig">
  |         <attribute name="AuthConfig">META-INF/ActiveDirectory-login-config.xml</attribute>
  |         <depends optional-attribute-name="LoginConfigService">
  |             jboss.security:service=XMLLoginConfig
  |         </depends>
  |         <depends optional-attribute-name="SecurityManagerService">
  |             jboss.security:service=JaasSecurityManager
  |         </depends>
  |     </mbean>
  | </server>
  | 

In the same directory above, I have the ActiveDirectory-login-config.xml file which contains:


  | <?xml version='1.0'?>
  | <policy>
  | 	<application-policy name="activeDirectory">
  | 		<authentication>
  | 			<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
  | 				<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
  | 				<module-option name="java.naming.provider.url">ldap://123.123.123.123/</module-option>
  | 				<module-option name="java.naming.security.authentication">simple</module-option>
  | 				<module-option name="bindDN">mycompany\test</module-option>
  | 				<module-option name="bindCredential">password</module-option>
  | 				  
  | 				<module-option name="baseCtxDN">,DC=intranet,DC=mycompany,DC=com</module-option>
  | 				<module-option name="baseFilter">(sAMAccountName={0})</module-option>
  | 								
  | 			</login-module>
  | 		</authentication>
  | 	</application-policy>
  | </policy>
  | 

Lastly, in my components.xml file I have these included:


  | <security:identity authenticate-method="#{authenticator.authenticate}" jaas-config-name="activeDirectory" remember-me="true"/>
  | 

Now upon startup of JBoss, I keep getting the errors below. I tried stepping through the codes and realize that the first time, the BasicMBeanRegistry registered the MBean nicely, but then somewhere it tries to register it again. I just can't figure out why there is 2 registrations. Am I doing something wrong or is this a bug? Thanks a million for any illumination!


  | javax.management.InstanceAlreadyExistsException: jboss.deployment:id="MyCompany:service=DynamicLoginConfig",type=Component already registered.
  | 	at org.jboss.mx.server.registry.BasicMBeanRegistry.add(BasicMBeanRegistry.java:756)
  | 	at org.jboss.mx.server.registry.BasicMBeanRegistry.registerMBean(BasicMBeanRegistry.java:233)
  | 	at sun.reflect.GeneratedMethodAccessor75.invoke(Unknown Source)
  | 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  | 	at java.lang.reflect.Method.invoke(Method.java:597)
  | 	at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157)
  | 	at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96)
  | 	at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:138)
  | 	at org.jboss.mx.server.Invocation.invoke(Invocation.java:90)
  | 	at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:140)
  | 	at org.jboss.mx.server.Invocation.invoke(Invocation.java:90)
  | 	at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
  | 	at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:668)
  | 	at org.jboss.mx.server.MBeanServerImpl$3.run(MBeanServerImpl.java:1431)
  | 	at java.security.AccessController.doPrivileged(Native Method)
  | 	at org.jboss.mx.server.MBeanServerImpl.registerMBean(MBeanServerImpl.java:1426)
  | 	at org.jboss.mx.server.MBeanServerImpl.registerMBean(MBeanServerImpl.java:376)
  | 	at org.jboss.deployers.structure.spi.helpers.AbstractDeploymentContext.registerMBeans(AbstractDeploymentContext.java:1030)
  | 	at org.jboss.deployers.structure.spi.helpers.AbstractDeploymentContext.addComponent(AbstractDeploymentContext.java:722)
  | 	at org.jboss.deployers.structure.spi.helpers.AbstractDeploymentUnit.addComponent(AbstractDeploymentUnit.java:251)
  | 	at org.jboss.system.deployers.ServiceDeploymentDeployer.addServiceComponent(ServiceDeploymentDeployer.java:62)
  | 	at org.jboss.system.deployers.ServiceDeploymentDeployer$ServiceDeploymentVisitor.deploy(ServiceDeploymentDeployer.java:115)
  | 	at org.jboss.system.deployers.ServiceDeploymentDeployer$ServiceDeploymentVisitor.deploy(ServiceDeploymentDeployer.java:76)
  | 	at org.jboss.deployers.spi.deployer.helpers.AbstractRealDeployerWithInput.deploy(AbstractRealDeployerWithInput.java:125)
  | 	at org.jboss.deployers.spi.deployer.helpers.AbstractRealDeployerWithInput.internalDeploy(AbstractRealDeployerWithInput.java:102)
  | 	at org.jboss.deployers.spi.deployer.helpers.AbstractComponentDeployer.internalDeploy(AbstractComponentDeployer.java:78)
  | 	at org.jboss.deployers.spi.deployer.helpers.AbstractRealDeployer.deploy(AbstractRealDeployer.java:50)
  | 	at org.jboss.deployers.plugins.deployers.DeployerWrapper.deploy(DeployerWrapper.java:171)
  | 	at org.jboss.deployers.plugins.deployers.DeployersImpl.doDeploy(DeployersImpl.java:1439)
  | 	at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:1157)
  | 	at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:1210)
  | 	at org.jboss.deployers.plugins.deployers.DeployersImpl.install(DeployersImpl.java:1098)
  | 	at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:348)
  | 	at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:1631)
  | 	at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:934)
  | 	at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1082)
  | 	at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:984)
  | 	at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:822)
  | 	at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:553)
  | 	at org.jboss.deployers.plugins.deployers.DeployersImpl.process(DeployersImpl.java:781)
  | 	at org.jboss.deployers.plugins.main.MainDeployerImpl.process(MainDeployerImpl.java:702)
  | 	at org.jboss.system.server.profileservice.repository.MainDeployerAdapter.process(MainDeployerAdapter.java:117)
  | 	at org.jboss.system.server.profileservice.hotdeploy.HDScanner.scan(HDScanner.java:362)
  | 	at org.jboss.system.server.profileservice.hotdeploy.HDScanner.run(HDScanner.java:255)
  | 	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
  | 	at java.util.concurrent.FutureTask$Sync.innerRunAndReset(FutureTask.java:317)
  | 	at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:150)
  | 	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(ScheduledThreadPoolExecutor.java:98)
  | 	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.runPeriodic(ScheduledThreadPoolExecutor.java:181)
  | 	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:205)
  | 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
  | 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
  | 	at java.lang.Thread.run(Thread.java:619)
  | 

Yours gratefully,
Damon

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4265234#4265234

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4265234



More information about the jboss-user mailing list