Team --
I am trying to convert an application using JAAS on WebSphere to be using JAAS
on JBoss.
I feel like I am still missing some things, not to mention that I keep typing
in my correct password and it is not authenticating.
I am not using an EJBs just base web authentication.
jboss-web.xml =
<?xml version="1.0"?>
<jboss-web>
<!-- All secured web content uses this security manager -->
<security-domain>java:/jaas/mortgageAdmin</security-domain>
</jboss-web>
login-config.xml =
<application-policy name = "mortgageAdmin">
<login-module code = "org.jboss.security.auth.spi.LdapLoginModule"
flag = "required">
<module-option
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option
name="java.naming.provider.url">ldap://~~~~~</module-option>
<module-option
name="java.naming.security.authentication">simple</module-option>
<module-option
name="java.naming.security.principal">"drhi\\"+username</module-option>
<module-option
name="java.naming.security.credentials">password</module-option>
</login-module>
</application-policy>
Where I feel like I am still missing something is the fact that in WebSphere,
we had to define an ibm-application-bnd.xmi file which looks like the below
snippet. However, I am not sure where I would be putting this equivalent for
the JBoss configuration.
<?xml version="1.0" encoding="UTF-8"?>
<applicationbnd:ApplicationBinding xmi:version="2.0"
xmlns:xmi="http://www.omg.org/XMI"; xmlns:applicationbnd="applicationbnd.xmi"
xmi:id="ApplicationBinding_1103565947194">
<authorizationTable xmi:id="AuthorizationTable_1103565947194">
<authorizations xmi:id="RoleAssignment_1108662566127">
<groups xmi:id="Group_1159457809140"
name="App.Prod.Mortgage.~~~.LoanOfficer"/>
<groups xmi:id="Group_1159457809141"
name="App.Prod.Mortgage.~~~.LoanOfficer"/>
<groups xmi:id="Group_1159457809142"
name="App.Prod.Mortgage.~~~.LoanOfficer"/>
...
Also, I am currently getting the following error and I know I am typing in my
password correctly.
The server log is reporting the following:
2008-02-06 15:11:58,537 TRACE
[org.jboss.security.auth.login.XMLLoginConfigImpl] End
getAppConfigurationEntry(mortgageAdmin), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.LdapLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:name=uidAttributeID, value=username
name=java.naming.security.authentication, value=simple
name=java.naming.factory.initial, value=com.sun.jndi.ldap.LdapCtxFactory
name=java.naming.security.credentials, value=password
name=java.naming.provider.url, value=ldap://ad7.drhorton.com:389
name=java.naming.security.principal, value=username
name=principalDNPrefix, value="drhi\\"
2008-02-06 15:11:58,537 DEBUG [org.apache.catalina.loader.WebappClassLoader]
loadClass(org.jboss.security.auth.spi.LdapLoginModule, false)
2008-02-06 15:11:58,537 DEBUG [org.apache.catalina.loader.WebappClassLoader]
Searching local repositories
2008-02-06 15:11:58,537 DEBUG [org.apache.catalina.loader.WebappClassLoader]
findClass(org.jboss.security.auth.spi.LdapLoginModule)
2008-02-06 15:11:58,537 DEBUG [org.apache.catalina.loader.WebappClassLoader]
Delegating to parent classloader at end: [EMAIL PROTECTED]
2008-02-06 15:11:58,553 DEBUG [org.apache.catalina.loader.WebappClassLoader]
Loading class from parent
2008-02-06 15:11:58,553 TRACE [org.jboss.security.auth.spi.LdapLoginModule]
initialize, [EMAIL PROTECTED]
2008-02-06 15:11:58,553 TRACE [org.jboss.security.auth.spi.LdapLoginModule]
Security domain: mortgageAdmin
2008-02-06 15:11:58,553 TRACE [org.jboss.security.auth.spi.LdapLoginModule]
login
2008-02-06 15:11:58,553 TRACE [org.jboss.security.auth.spi.LdapLoginModule]
Logging into LDAP server,
env={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.provider.url=ldap://ad7.drhorton.com:389,
jboss.security.security_domain=mortgageAdmin, uidAttributeID=username,
principalDNPrefix="drhi\\", java.naming.security.authentication=simple,
java.naming.security.principal="drhi\\"pcable,
java.naming.security.credentials=***}
2008-02-06 15:11:58,553 DEBUG [org.apache.catalina.loader.WebappClassLoader]
loadClass(com.sun.jndi.ldap.LdapCtxFactory, false)
2008-02-06 15:11:58,584 DEBUG [org.jboss.security.auth.spi.LdapLoginModule] Bad
password for username=pcable
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr:
DSID-0C090334, comment: AcceptSecurityContext error, data 525
Any ideas?
Thanks
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4127180#4127180
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4127180
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
