[jboss-user] [JBoss Portal] - Re: LDAP Authentication & Authorization to eDirectory

Wed, 23 May 2007 08:21:05 -0700 

I tweaked a setting and now get:


  | 2007-05-23 10:08:39,765 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] findUserByUserName(): 
username = admin
  | 2007-05-23 10:08:39,765 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (cn={0})
  | 2007-05-23 10:08:39,765 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (cn={0})
  | 2007-05-23 10:08:39,765 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filterArg: {0}: 
admin
  | 2007-05-23 10:08:39,765 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search ctx: 
ou=People,o=idv
  | 2007-05-23 10:08:39,765 DEBUG 
[org.jboss.portal.identity.ldap.LDAPUserModule] user uid: 
cn=admin,ou=APPS,ou=PEOPLE,o=IDV
  | 2007-05-23 10:08:39,765 DEBUG 
[org.jboss.portal.identity.ldap.LDAPUserModule] user dn: 
cn=admin,ou=APPS,ou=PEOPLE,o=IDV
  | 2007-05-23 10:08:39,765 DEBUG 
[org.jboss.portal.identity.ldap.LDAPStaticRoleMembershipModuleImpl] 
findRoles(): role = cn=admin,ou=APPS,ou=PEOPLE,o=IDV
  | 2007-05-23 10:08:39,781 DEBUG 
[org.jboss.portal.identity.ldap.LDAPRoleModule] findRoleByDN(): DN = 
cn=Administrators,ou=JBossPortal,ou=APPS,ou=GROUPS,o=IDV
  | 2007-05-23 10:08:39,781 DEBUG 
[org.jboss.portal.identity.ldap.LDAPRoleModule] role uid: 
cn=Administrators,ou=JBossPortal,ou=APPS,ou=GROUPS,o=IDV
  | 2007-05-23 10:08:39,781 DEBUG 
[org.jboss.portal.identity.ldap.LDAPRoleModule] role dn: 
cn=Administrators,ou=JBossPortal,ou=APPS,ou=GROUPS,o=IDV
  | 2007-05-23 10:08:39,875 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] findUserByUserName(): 
username = admin
  | 2007-05-23 10:08:39,875 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (cn={0})
  | 2007-05-23 10:08:39,875 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (cn={0})
  | 2007-05-23 10:08:39,875 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filterArg: {0}: 
admin
  | 2007-05-23 10:08:39,875 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search ctx: 
ou=People,o=idv
  | 2007-05-23 10:08:39,921 DEBUG 
[org.jboss.portal.identity.ldap.LDAPUserModule] user uid: 
cn=admin,ou=APPS,ou=PEOPLE,o=IDV
  | 2007-05-23 10:08:39,921 DEBUG 
[org.jboss.portal.identity.ldap.LDAPUserModule] user dn: 
cn=admin,ou=APPS,ou=PEOPLE,o=IDV
  | 
  | 
  | But still no "Admin" link when admin logs in.
  | 
  | I still get "Your account is disabled" when ACM3 tries to log in. Log shows:
  | 
  | 
  |   | 2007-05-23 10:12:57,609 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] findUserByUserName(): 
username = acm3
  |   | 2007-05-23 10:12:57,609 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (cn={0})
  |   | 2007-05-23 10:12:57,609 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filter: (cn={0})
  |   | 2007-05-23 10:12:57,609 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search filterArg: {0}: 
acm3
  |   | 2007-05-23 10:12:57,609 DEBUG 
[org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl] Search ctx: 
ou=People,o=idv
  |   | 2007-05-23 10:12:57,625 DEBUG 
[org.jboss.portal.identity.ldap.LDAPUserModule] user uid: 
cn=ACM3,ou=AL,ou=EMPLOYEES,ou=PEOPLE,o=IDV
  |   | 2007-05-23 10:12:57,625 DEBUG 
[org.jboss.portal.identity.ldap.LDAPUserModule] user dn: 
cn=ACM3,ou=AL,ou=EMPLOYEES,ou=PEOPLE,o=IDV
  |   | 2007-05-23 10:12:57,625 DEBUG 
[org.jboss.portal.identity.DelegatingUserProfileModuleImpl] getProperty: 
portal.user.enabled
  |   | 2007-05-23 10:12:57,625 DEBUG 
[org.jboss.portal.identity.DelegatingUserProfileModuleImpl] Delegating to DB 
module
  |   | 2007-05-23 10:12:57,625 DEBUG 
[org.jboss.portal.identity.db.HibernateUserProfileModuleImpl] Processing non 
HibernateUserImpl object: class org.jboss.portal.identity.ldap.LDAPUserImpl
  |   | 
  | 
  | So I guess the next questions are:
  | 
  | 1) Can the "role" membership records that the portal uses in authorization 
be moved to LDAP group Objects?
  | 
  | 2) If I descend my own versions the org.jboss.portal.identity.RoleModule 
interface, where do my .class files have to be for JBoss to see them during 
boot and where do i reference them in the configuration files? 
ldap_identity-config.xml perhaps?
  | 

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4047948#4047948

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4047948
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to