- LDAPExtLoginModule binds with credentials

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Tomcat - JSP/Servlet container

Struts - A MVC web framework

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

JSP - A mailing list about Java Server Pages specification and reference

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Oracle Connection Pooling in 3 2 2
•	Servlet : Session invalidate
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Tomcat and webapplication specific java library path
•	Running a Simple JMS Example
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	Cannot find message resources under key org apache struts action MESSAGE
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	url string for connecting jboss to oracle
•	Value attribute of <html:checkbox
•	javax servlet ServletException: BeanUtils populate
•	HTTP Status 404 The requested resource is not available
•	5 0 18: Windows XP Pro vs Windows 2000

- LDAPExtLoginModule binds with credentials

- LDAPExtLoginModule binds with credentials

2007-06-13 - By TiJay

Back
Hi at all,

this problem I now want to describe you already exists for a long time and I
had no idea how to fix it.
My job was to create a LDAP-using authentication for a JEE-project with
'LdapExtLoginModule', so I used the page http://wiki.jboss.org/wiki/Wiki.jsp
?page=LdapExtLoginModule to get some information about this module.

Then I set up an OpenLDAP-server on my vServer.
suffix "dc=jonischkat,dc=de"
| rootdn "cn=root,dc=jonischkat,dc=de"
| rootpw XXXmyPasswordXXX

I populated the server with these entries (remark: capsys-user is the
authenticated security role):

The application policy in 'login-config.xml' looks like this:

| <application-policy name="testLDAP">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.LdapLoginModule

Source code of org.jboss.security.auth.spi.LdapLoginModule

" flag=
"required">
| <module-option name="java.naming.factory.initial">com.sun.jndi.ldap
.LdapCtxFactory</module-option>
| <module-option name="java.naming.provider.url">ldap://my.vserver.ip
.address/</module-option>
| <module-option name="java.naming.security.authentication">simple</module
-option>
| 
| <module-option name="bindDN">cn=root,dc=jonischkat,dc=de</module-option>
| <module-option name="bindCredential">XXXmyPasswordXXX</module-option>
| <module-option name="baseCtxDN">ou=People,dc=jonischkat,dc=de</module
-option>
| <module-option name="baseFilter">(uid={0})</module-option>
| <module-option name="rolesCtxDN">ou=Roles,dc=jonischkat,dc=de</module
-option>
| <module-option name="roleFilter">(member={1})</module-option>
| <module-option name="roleAttributeID">cn</module-option>
| <module-option name="roleRecursion">-1</module-option>
| 
| </login-module>
| </authentication>
| </application-policy>
|

When accessing the webapp, I typed the credentials username: 'tjonisch' and
password: 'XXXpasswordOfTjonischInLdapEntryXXX', but the dialog popped up a
second time.

The logfile of the LDAP server said:
Jun 5 14:46:53 uhweb25094 slapd[28244]: daemon: read active on 11
| Jun 5 14:46:53 uhweb25094 slapd[28244]: connection_get(11): got connid=1
| Jun 5 14:46:53 uhweb25094 slapd[28244]: connection_read(11): checking for
input on id=1
| Jun 5 14:46:53 uhweb25094 slapd[28244]: daemon: epoll: listen=7 active
_threads=0 tvp=NULL
| Jun 5 14:46:53 uhweb25094 slapd[28244]: do_bind
| Jun 5 14:46:53 uhweb25094 slapd[28244]: >>> dnPrettyNormal: <tjonisch>
| Jun 5 14:46:53 uhweb25094 slapd[28244]: bind: invalid dn (tjonisch)
| Jun 5 14:46:53 uhweb25094 slapd[28244]: send_ldap_result: conn=1 op=0 p=3
| Jun 5 14:46:53 uhweb25094 slapd[28244]: send_ldap_response: msgid=1 tag=97
err=34
| Jun 5 14:46:53 uhweb25094 slapd[28244]: conn=1 op=0 RESULT tag=97 err=34
text=invalid DN
| Jun 5 14:46:53 uhweb25094 slapd[28244]: daemon: activity on 1 descriptor
| Jun 5 14:46:53 uhweb25094 slapd[28244]: daemon: activity on:
| Jun 5 14:46:53 uhweb25094 slapd[28244]: 11r

So JBoss tried to bind with the credentials given by the user, not with 'bindDN
' and 'bindCredential' from the config file.

It would be really cool if someone had an idea how to fix this problem.

Greetings from Germany
Tim J.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic
&p=4053970#4053970

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode
=reply&p=4053970
__ ____ ____ ____ ____ ____ ____ ____ ____ ____
jboss-user mailing list
jboss-user@(protected)
https://lists.jboss.org/mailman/listinfo/jboss-user