I have JBoss Portal (2.2.1-SP3-bundled) authenticating correctly against an 
OpenLDAP server.  When I log in with a *valid* username/password, though, 
subsequent pages fail with the error listed below.

Is the problem that the user 'jduke' needs to be in JBoss's user database as 
well as in LDAP?  It seems like the LdapExtLoginModule would take care of this 
automatically.  Do I need to write a custom LoginModule?

I've been all over Google on this one and would greatly appreciate any help!

Thanks a million!
-- Joel

exception

javax.servlet.ServletException: No such user No such user jduke
        org.jboss.portal.server.servlet.PortalServlet.doGet(PortalServlet.java:227)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
        org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

root cause

org.jboss.portal.core.model.NoSuchUserException: No such user No such user jduke
        org.jboss.portal.core.impl.user.UserModuleImpl.findUserByUserName(UserModuleImpl.java:123)
        org.jboss.portal.core.aspects.server.UserInterceptor.invoke(UserInterceptor.java:100)
        org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
        ...

Here's the login-config.xml:
<application-policy name="portal">
    <authentication>
        <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
            <!-- Connection and the account used to search the directory -->
            <module-option name="java.naming.provider.url">ldap://localhost:389</module-option>
            <module-option name="bindDN">cn=Manager,dc=jboss,dc=org</module-option>
            <module-option name="bindCredential">secret</module-option>

            <!-- User search: {0} is replaced with the login name -->
            <module-option name="baseCtxDN">ou=People,dc=jboss,dc=org</module-option>
            <module-option name="baseFilter">(uid={0})</module-option>

            <!-- Role search: {1} is replaced with the DN of the matched user -->
            <module-option name="rolesCtxDN">ou=Roles,dc=jboss,dc=org</module-option>
            <module-option name="roleFilter">(member={1})</module-option>
            <module-option name="roleAttributeID">cn</module-option>
            <module-option name="roleAttributeIsDN">true</module-option>
            <module-option name="roleNameAttributeID">cn</module-option>

            <module-option name="roleRecursion">-1</module-option>
            <module-option name="searchScope">ONELEVEL_SCOPE</module-option>

            <module-option name="password-stacking">useFirstPass</module-option>
            <module-option name="passwordValidation">remote</module-option>
        </login-module>
    </authentication>
</application-policy>

And here's what's in the LDAP:
dn: dc=jboss,dc=org
objectclass: top
objectclass: dcObject
objectclass: organization
dc: jboss
o: JBoss

dn: ou=People,dc=jboss,dc=org
objectclass: top
objectclass: organizationalUnit
ou: People

dn: uid=jduke,ou=People,dc=jboss,dc=org
objectclass: top
objectclass: uidObject
objectclass: person
uid: jduke
cn: Java Duke
sn: Duke
userPassword: theduke

dn: ou=Roles,dc=jboss,dc=org
objectclass: top
objectclass: organizationalUnit
ou: Roles

dn: cn=JBossAdmin,ou=Roles,dc=jboss,dc=org
objectclass: top
objectclass: groupOfNames
cn: JBossAdmin
member: uid=jduke,ou=People,dc=jboss,dc=org
description: the JBossAdmin group


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962288#3962288

_______________________________________________
jboss-user mailing list
https://lists.jboss.org/mailman/listinfo/jboss-user
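
Added example, not part of the original post and not JBoss code: a small offline Python model of the two directory searches that the posted login-config.xml sets up (baseFilter, then roleFilter), run over entries copied from the posted LDIF. It assumes the documented LdapExtLoginModule substitution ({0} = login name, {1} = matched user DN), handles only equality filters, and does not model roleAttributeIsDN or roleRecursion; the function names are hypothetical.

```python
# Added example: offline model of the user and role searches from the posted config.
# Entries are copied from the posted LDIF, trimmed to the two the searches touch.
LDIF = """\
dn: uid=jduke,ou=People,dc=jboss,dc=org
objectclass: person
uid: jduke
cn: Java Duke

dn: cn=JBossAdmin,ou=Roles,dc=jboss,dc=org
objectclass: groupOfNames
cn: JBossAdmin
member: uid=jduke,ou=People,dc=jboss,dc=org
"""

def parse_ldif(text):
    """Return {dn: {attr: [values]}} for a simple, unfolded LDIF."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            name, _, value = line.partition(": ")
            attrs.setdefault(name.lower(), []).append(value)
        entries[attrs["dn"][0]] = attrs
    return entries

def search_one_level(entries, base_dn, ldap_filter, *args):
    """Equality-only filter; ONELEVEL_SCOPE means direct children of base_dn."""
    for i, arg in enumerate(args):
        ldap_filter = ldap_filter.replace("{%d}" % i, arg)
    attr, _, wanted = ldap_filter.strip("()").partition("=")
    hits = []
    for dn, attrs in entries.items():
        parent = dn.partition(",")[2]
        if parent.lower() == base_dn.lower() and wanted in attrs.get(attr.lower(), []):
            hits.append(dn)
    return hits

def resolve(username, entries):
    """Return (user_dn, role_names) as baseFilter and roleFilter would select them."""
    users = search_one_level(entries, "ou=People,dc=jboss,dc=org", "(uid={0})", username)
    if not users:
        return None, []
    groups = search_one_level(entries, "ou=Roles,dc=jboss,dc=org", "(member={1})", username, users[0])
    return users[0], [entries[g]["cn"][0] for g in groups]  # roleAttributeID = cn

if __name__ == "__main__":
    print(resolve("jduke", parse_ldif(LDIF)))
```

The result describes the directory side only; the NoSuchUserException in the trace above is raised by UserModuleImpl.findUserByUserName.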
