Hi,
I have the following problem:
the LdapLoginModule seems to ignore the case of the password the user inputs, e.g. it 
does not differentiate Foo <--> foo. Passwords that are not correct (e.g. fee) and 
empty passwords fail as expected. Here are my confs:

web.xml:
  ...
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Test Protected Area</web-resource-name>
      <url-pattern>/originalDestination.jsp</url-pattern>
      <url-pattern>/originalDestination.do</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>TestRole-</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>Test</realm-name>
    <form-login-config>
      <form-login-page>/common/login_realm.jsp</form-login-page>
      <form-error-page>/common/login_realm.jsp?err=1</form-error-page>
    </form-login-config>
    ...

jboss-web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
  <security-domain>java:/jaas/ldap</security-domain>
</jboss-web>

login-config.xml:
    <application-policy name="ldap">
      <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
        <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
        <module-option name="java.naming.provider.url">ldap://ldapserver:389/</module-option>
        <module-option name="java.naming.security.authentication">simple</module-option>
        <module-option name="allowEmptyPasswords">false</module-option>
        <module-option name="principalDNPrefix">uid=</module-option>
        <module-option name="principalDNSuffix">,cn=Users,dc=xxx,dc=com</module-option>
        <module-option name="uidAttributeID">uniquemember</module-option>
        <module-option name="roleAttributeID">cn</module-option>
        <module-option name="rolesCtxDN">cn=Roles,dc=xxx,dc=com</module-option>
        <module-option name="matchOnUserDN">true</module-option>
      </login-module>
    </application-policy>

I've tried deploying the same war in Tomcat-5.0.16 and I don't have this problem, so 
it would seem that the problem does not lie with the directory. Any help appreciated. 
TIA,

Kari
