IdentityException 2007-08-13 - By georgy
I have some difficulties with my LDAP configuration.
My configuration is:
login-config.xml
    <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="sufficient">
       <module-option name="unauthenticatedIdentity">guest</module-option>
       <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
       <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
       <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
       <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
       <module-option name="additionalRole">Authenticated</module-option>
       <module-option name="password-stacking">useFirstPass</module-option>
    </login-module>

    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
       <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
       <module-option name="java.naming.provider.url">ldap://192.168.10.240:389</module-option>
       <module-option name="java.naming.security.authentication">simple</module-option>
       <module-option name="bindDN">bind@(protected)</module-option>
       <module-option name="bindCredential">****</module-option>
       <module-option name="roleFilter">(sAMAccountName={0})</module-option>
       <module-option name="roleAttributeID">memberOf</module-option>
       <module-option name="roleAttributeIsDN">true</module-option>
       <module-option name="roleNameAttributeID">cn</module-option>
       <module-option name="roleRecursion">-1</module-option>
       <module-option name="searchTimeLimit">10000</module-option>
       <module-option name="searchScope">SUBTREE_SCOPE</module-option>
       <module-option name="allowEmptyPasswords">false</module-option>
       <!--<module-option name="hashAlgorithm">MD5</module-option>-->
    </login-module>
ldap_config.xml
    <identity-configuration>
       <datasources>
          <datasource>
             <name>LDAP</name>
             <config>
                <option>
                   <name>host</name>
                   <value>192.168.10.240</value>
                </option>
                <option>
                   <name>port</name>
                   <value>389</value>
                </option>
                <option>
                   <name>adminDN</name>
                   <value>bind@(protected)</value>
                </option>
                <option>
                   <name>adminPassword</name>
                   <value>*****</value>
                </option>
                <!--<option>
                   <name>protocol</name>
                   <value>ssl</value>
                </option>-->
             </config>
          </datasource>
       </datasources>
       <modules>
          <module>
             <!--type used to correctly map in IdentityContext registry-->
             <type>User</type>
             <implementation>LDAP</implementation>
             <class>org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl</class>
             <config/>
          </module>
          <module>
             <type>Role</type>
             <implementation>LDAP</implementation>
             <config/>
          </module>
          <module>
             <type>Membership</type>
             <implementation>LDAP</implementation>
             <config/>
          </module>
          <module>
             <type>UserProfile</type>
             <implementation>DELEGATING</implementation>
             <config>
                <option>
                   <name>ldapModuleJNDIName</name>
                   <value>java:/portal/LDAPUserProfileModule</value>
                </option>
             </config>
          </module>
          <module>
             <type>DBDelegateUserProfile</type>
             <implementation>DB</implementation>
             <config>
                <option>
                   <name>randomSynchronizePassword</name>
                   <value>true</value>
                </option>
             </config>
          </module>
          <module>
             <type>LDAPDelegateUserProfile</type>
             <implementation>LDAP</implementation>
             <config/>
          </module>
       </modules>

       <options>
          <option-group>
             <group-name>common</group-name>
             <option>
                <name>userCtxDN</name>
                <value>ou=IDF,ou=Collaborateurs,dc=proxiad-nord,dc=com</value>
                <value>ou=Nord,ou=Collaborateurs,dc=proxiad-nord,dc=com</value>
             </option>
             <!--<option>
                <name>passwordAttributeID</name>
                <value>userPassword</value>
             </option>-->
             <option>
                <name>roleCtxDN</name>
                <value>ou=Groupes,dc=proxiad-nord,dc=com</value>
             </option>
             <option>
                <name>userSearchFilter</name>
                <value><![CDATA[(sAMAccountName={0})]]></value>
             </option>
          </option-group>
          <option-group>
             <group-name>userCreateAttibutes</group-name>
             <option>
                <name>objectClass</name>
                <!--This objectclasses should work with Red Hat Directory-->
                <value>top</value>
                <value>person</value>
                <value>inetOrgPerson</value>
             </option>
             <!--Schema requires those to have initial value-->
             <option>
                <name>cn</name>
                <value>none</value>
             </option>
             <option>
                <name>sn</name>
                <value>none</value>
             </option>
          </option-group>
          <option-group>
             <group-name>roleCreateAttibutes</group-name>
             <!--Schema requires those to have initial value-->
             <option>
                <name>cn</name>
                <value>none</value>
             </option>
             <!--Some directory servers require this attribute to be valid DN-->
             <!--For safety reasons point to the admin user here-->
             <option>
                <name>member</name>
                <value>cn=Admin,ou=Groupes,dc=proxiad-nord,dc=com</value>
             </option>
          </option-group>
       </options>
    </identity-configuration>
Here is the exception I get after I try to log in with correct login and password:
    2007-08-13 12:32:43,422 DEBUG [org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (sAMAccountName={0})
    2007-08-13 12:32:43,422 DEBUG [org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (sAMAccountName={0})
    2007-08-13 12:32:43,422 DEBUG [org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filterArg: {0}: g.mahop
    2007-08-13 12:32:43,422 DEBUG [org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search ctx: ou=Nord,ou=Collaborateurs,dc=proxiad-nord,dc=com
    2007-08-13 12:32:43,484 ERROR [org.jboss.portal.identity.auth.IdentityLoginModule] Error when validating password
    org.jboss.portal.common.transaction.NestedException: javax.security.auth.login.LoginException: org.jboss.portal.identity.IdentityException: Couldn't create LDAPUserImpl object from ldap entry (SearchResult)
        at org.jboss.portal.common.transaction.Transactions.apply(Transactions.java:253)
        at org.jboss.portal.common.transaction.Transactions.required(Transactions.java:289)
        at org.jboss.portal.identity.auth.IdentityLoginModule.getUserStatus(IdentityLoginModule.java:204)
        at org.jboss.portal.identity.auth.IdentityLoginModule.validatePassword(IdentityLoginModule.java:158)
        at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:210)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
        at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
        at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
        at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
        at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
        at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
        at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
        at java.lang.Thread.run(Thread.java:595)
    Caused by: javax.security.auth.login.LoginException: org.jboss.portal.identity.IdentityException: Couldn't create LDAPUserImpl object from ldap entry (SearchResult)
        at org.jboss.portal.identity.auth.IdentityLoginModule$1.run(IdentityLoginModule.java:260)
        at org.jboss.portal.common.transaction.Transactions.apply(Transactions.java:219)
        ... 30 more
    2007-08-13 12:32:43,484 DEBUG [org.jboss.portal.identity.auth.IdentityLoginModule] Bad password for username=g.mahop
    2007-08-13 12:32:43,500 DEBUG [org.jboss.security.auth.spi.LdapExtLoginModule] Bad password for username=g.mahop
    java.lang.NullPointerException
        at javax.naming.InitialContext.getURLScheme(InitialContext.java:228)
        at javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:277)
        at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:87)
        at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267)
        at org.jboss.security.auth.spi.LdapExtLoginModule.bindDNAuthentication(LdapExtLoginModule.java:375)
        at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:336)
        at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:229)
        at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:210)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
        at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
        at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
        at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
        at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
        at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
        at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
        at java.lang.Thread.run(Thread.java:595)
I am working with:
JBoss Portal 2.6.1.GA
Active Directory
Any advice?
View the original post: http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4073529#4073529
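
Added example, not part of the original post: the posted LdapExtLoginModule block sets no baseCtxDN, baseFilter or rolesCtxDN (the options that module uses for its user and role searches), the second trace fails inside the module's user search, and the module does a simple bind over plain ldap://. The sketch below lints a login-config fragment for those points; the sample XML is constructed, its host and bind values are placeholders, and the finding labels are this example's own.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like the posted LdapExtLoginModule block (placeholder values).
SAMPLE = """
<authentication>
  <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
    <module-option name="java.naming.provider.url">ldap://ldap.example.test:389</module-option>
    <module-option name="java.naming.security.authentication">simple</module-option>
    <module-option name="bindDN">bind@example.test</module-option>
    <module-option name="bindCredential">placeholder</module-option>
    <module-option name="roleFilter">(sAMAccountName={0})</module-option>
    <module-option name="roleAttributeID">memberOf</module-option>
    <module-option name="allowEmptyPasswords">false</module-option>
  </login-module>
</authentication>
"""

LDAP_EXT = "org.jboss.security.auth.spi.LdapExtLoginModule"
SEARCH_OPTIONS = ("baseCtxDN", "baseFilter", "rolesCtxDN")


def lint_ldap_ext(xml_text):
    """Return findings for every LdapExtLoginModule in a login-config fragment."""
    findings = []
    root = ET.fromstring(xml_text)
    for module in root.iter("login-module"):
        if module.get("code") != LDAP_EXT:
            continue
        opts = {o.get("name"): (o.text or "").strip()
                for o in module.findall("module-option")}
        # User and role searches need a search base and a user filter.
        for name in SEARCH_OPTIONS:
            if not opts.get(name):
                findings.append(f"missing:{name}")
        url = opts.get("java.naming.provider.url", "")
        # Assumption of this example: an unset mechanism is treated as "simple".
        auth = opts.get("java.naming.security.authentication", "simple")
        # A simple bind over ldap:// sends the DN and password unencrypted.
        if url.lower().startswith("ldap://") and auth == "simple":
            findings.append("cleartext-bind")
        # An empty password on a simple bind is an unauthenticated bind.
        if opts.get("allowEmptyPasswords", "").lower() == "true":
            findings.append("empty-passwords-allowed")
    return findings


if __name__ == "__main__":
    print(lint_ldap_ext(SAMPLE))
```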