[JBoss-user] [Security & JAAS/JBoss] - Re: LdapExtLoginModule and jaasSecurityDomain

Mon, 27 Mar 2006 08:54:05 -0800 

So I think I've gotten further on this. I added the following into the 
jboss-service.xml:


  |    <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
  |       name="jboss.security:service=JaasSecurityDomain,domain=LdapPassword">
  |       <constructor>
  |          <arg type="java.lang.String" value="ServerMasterPassword"/>
  |       </constructor>
  |       <!-- The opaque master password file used to decrypt the encrypted
  |       database password key -->
  |       <attribute 
name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/conf/server.password</attribute>
  |       <attribute name="Salt">theSalt</attribute>
  |       <attribute name="IterationCount">13</attribute>
  |    </mbean>
  | 

and added the following to the login-config.xml:


  |                 <module-option 
name="bindCredential">OQQj2fCjjfoc8VaDLVKU7</module-option>
  |                 <module-option 
name="jaasSecurityDomain">jboss.security:service=JaasSecurityDomain,domain=LdapPassword</module-option>
  | 

I created the ${jboss.server.home.dir}/conf/server.password file via the 
command:

java -cp lib\jbosssx.jar org.jboss.security.plugins.FilePassword theSalt 13 
password server.password

Is the password specified above on the FilePassword arg list the password of 
the LDAP server bindDN?

Then I use the command:

java -cp jbosssx.jar org.jboss.security.plugins.PBEUtils theSalt 13 
domain-password data-source-password

to generate the encrypted bindCredential.

I'm a little confused on what domain-password and data-source-password should 
be. Should one of them be the bindDN password and if so what is the other one 
used for.

Can anyone explain this in layman terms for me please as when I try all this 
the server comes up but authentication fails when I login to my app, so I must 
have something screwed up?


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3932889#3932889

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3932889


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to