[jboss-user] [JBoss Web Services] - Using mail attribute to authenticate with LdapLoginModule

Erick Jeronimo Diaz do-not-reply at jboss.com
Mon Jan 24 10:05:19 EST 2011


Erick Jeronimo Diaz [http://community.jboss.org/people/erickjd] created the discussion

"Using mail attribute to authenticate with LdapLoginModule"

To view the discussion, visit: http://community.jboss.org/message/582799#582799

--------------------------------------------------------------
Hello, I'm worried about solving this and I'd appreciate any help from you. I authenticate my web services against a Redhat Fedora LDAP server, and I use authorization using my database-defined roles. So for authentication I use org.jboss.security.auth.spi.LdapLoginModule and for authorization I use org.jboss.security.auth.spi.DatabaseServerLoginModule; I can combine both login modules thanks to the password-stacking attribute. This is a fragment of my login-config.xml:

    <application-policy name="SecurityGdm">
        <authentication>
            <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
                <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
                <module-option name="java.naming.provider.url">ldap://my.ldap.def:389</module-option>
                <module-option name="java.naming.security.authentication">simple</module-option>
                <module-option name="principalDNPrefix">uid=</module-option>
                <module-option name="principalDNSuffix">
                    ,ou=mydomain.com,ou=People,dc=mydomain,dc=com
                </module-option>
                <module-option name="password-stacking">useFirstPass</module-option>
            </login-module>

            <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
                <module-option name="unauthenticatedIdentity">guest</module-option>
                <module-option name="dsJndiName"> java:/sincronizacionDS </module-option>
                <module-option name="rolesQuery"> SELECT FLDID_ROLSW, 'Roles' FROM crm.tbrrolesusuariossw WHERE FLDID_USUARIOSW = ?</module-option>
                <module-option name="password-stacking">useFirstPass</module-option>
            </login-module>

        </authentication>
    </application-policy>


This configuration works if, for example, my credentials are: user = Mary, password = *******, BUT MY WEBMASTER NEEDS, INSTEAD OF LOOKING FOR A UID= AND PASSWORD INSIDE MYDOMAIN, TO AUTHENTICATE USING AN EMAIL= AND PASSWORD.

THANKS IN ADVANCE

--------------------------------------------------------------
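
The following is an added example, not part of the original post: a small offline model of the bind-DN construction that principalDNPrefix/principalDNSuffix perform, next to a search-then-bind lookup by mail. The directory contents, passwords and function names are constructed for illustration, and whitespace around the suffix is assumed to be trimmed.

```python
# Constructed sample directory: entries are named by uid, as the working
# configuration in the post implies. Passwords are made-up sample values.
SUFFIX = ",ou=mydomain.com,ou=People,dc=mydomain,dc=com"
DIRECTORY = {
    "uid=Mary" + SUFFIX: {"mail": "mary@mydomain.com", "userPassword": "s3cret"},
    "uid=Bob" + SUFFIX: {"mail": "shared@mydomain.com", "userPassword": "hunter2"},
    "uid=Eve" + SUFFIX: {"mail": "shared@mydomain.com", "userPassword": "pw"},
}

# The principalDNSuffix value as written in the post, surrounding whitespace included.
PRINCIPAL_DN_SUFFIX = "\n        ,ou=mydomain.com,ou=People,dc=mydomain,dc=com\n    "


def simple_bind(dn, password):
    """Model of an LDAP simple bind: dn must name an existing entry.

    An empty password is refused: on a real server it would be an
    unauthenticated bind (RFC 4513), not proof of identity.
    """
    entry = DIRECTORY.get(dn)
    return bool(password) and entry is not None and entry["userPassword"] == password


def template_bind(prefix, login, suffix, password):
    """Bind DN = prefix + login + suffix; no directory search is involved."""
    return simple_bind(prefix + login + suffix.strip(), password)


def search_then_bind(attr, login, password):
    """Resolve the entry DN by attribute value, then bind as that DN.

    Returns the DN on success and None otherwise. Exactly one match is
    required, so a non-unique mail value can never select an account.
    """
    matches = [dn for dn, entry in DIRECTORY.items()
               if entry.get(attr, "").lower() == login.lower()]
    if len(matches) != 1:
        return None
    return matches[0] if simple_bind(matches[0], password) else None


if __name__ == "__main__":
    print(template_bind("uid=", "Mary", PRINCIPAL_DN_SUFFIX, "s3cret"))
    print(template_bind("mail=", "mary@mydomain.com", PRINCIPAL_DN_SUFFIX, "s3cret"))
    print(search_then_bind("mail", "mary@mydomain.com", "s3cret"))
    print(search_then_bind("mail", "shared@mydomain.com", "hunter2"))
```

In JBoss, org.jboss.security.auth.spi.LdapExtLoginModule follows the search-then-bind pattern, with a baseFilter such as (mail={0}) under a baseCtxDN. With password-stacking, the stacked DatabaseServerLoginModule rolesQuery would then receive the e-mail address as its parameter.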
