[JBoss-user] [Security & JAAS/JBoss] - Re: LdapExtLoginModule and jaasSecurityDomain

Tue, 28 Mar 2006 08:45:05 -0800 

OK, for the sake of someone else wanting to do this same thing I'm going to 
outline what I did to get this to work. The doc is very sparse on this stuff so 
this took me many fustrating days of trial and error until I got something 
working.....

1) Added the following into jboss-service.xml. Please note that you cannot add 
this at the END of the file (it just does not work and I have no idea why). I 
stuck it as the first mbean entry though I have no idea how far down the file 
you can go. I just know it cannot be last:


  |    <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
  |       name="jboss.security:service=JaasSecurityDomain,domain=LdapPassword">
  |       <constructor>
  |          <arg type="java.lang.String" value="ServerMasterPassword"/>
  |       </constructor>
  |       <!-- The opaque master password file used to decrypt the encrypted
  |       database password key -->
  |       <attribute 
name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/conf/server.password</attribute>
  |       <attribute name="Salt">twsalt12</attribute>
  |       <attribute name="IterationCount">13</attribute>
  |    </mbean>
  | 

2) Added the following into the login-config.xml for the LdapExtLoginModule:


  |                 <module-option 
name="bindCredential">1q2vSZDcCkctsxrys110r3</module-option>
  |             <module-option 
name="jaasSecurityDomain">jboss.security:service=JaasSecurityDomain,domain=LdapPassword</module-option>
  | 

3) Created the server.password file with the following:

java -cp jbosssx.jar org.jboss.security.plugins.FilePassword twsalt12 13 
thePassword server.password

4) Created the encrypted bindCredential with the following:

java -cp jbosssx.jar org.jboss.security.plugins.PBEUtils twsalt12 13 
thePassword clearTextBindCredential

Hopefully the above helps someone...

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933150#3933150

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933150


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to