I was trying to get LDAP to authenticate to AD. I have it authenticating the user but the group/roles is not being found in the memberOf property. Although, it has found the property and reported it back to the log file.
Here is the log output, does anyone know how the role is resolved when a user has multiple groups/role assignments. ************************************************************* 16:03:52,804 DEBUG [AuthenticatorBase] Authenticated 'fsj1234' with type 'FORM' 16:03:52,804 DEBUG [FormAuthenticator] Proceed to restored request 16:03:52,804 DEBUG [AuthenticatorBase] Calling accessControl() 16:03:52,804 DEBUG [RealmBase] Username fsj1234 does NOT have role Authenticated 16:03:52,804 DEBUG [AuthenticatorBase] Failed accessControl() test 16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0 16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0 16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0 16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0 16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0 16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0 16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 1 16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0 16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 16:03:55,351 DEBUG [ManagerBase] Start expire sessions StandardManager at 1159563835351 sessioncount 0 16:03:55,351 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0 16:03:55,523 DEBUG [CoyoteAdapter] Requested cookie session id is BA0A9A7A6B8D3843C066BCE188C17D85 16:03:55,523 DEBUG [AuthenticatorBase] Security checking request GET /portal 16:03:55,523 DEBUG [AuthenticatorBase] We have cached auth type FORM for principal GenericPrincipal[fsj1234(CN=AccessIT,CN=Users,DC=mydomain,DC=com,CN=Admin,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=Citrix Users,OU=Farm,OU=Citrix,DC=mydomain,DC=com,CN=GG AP All Associates,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=GG AP All Information Systems,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=GG AP Portal Admins,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=GG AP Portal Module Administrators,OU=Security Groups,OU=mydomain Users,DC=mydomain,DC=com,CN=GG FA Associate Portal Development,CN=Users,DC=mydomain,DC=com,CN=GG FA HROL Credentialing File Access,)] View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3975218#3975218 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3975218 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
