Re: authentificating with ldap javax.security.auth.login.LoginException on org.apache.catalina.realm.JAASRealm authenticate

jerome . dupont Tue, 04 Oct 2011 01:02:24 -0700

It works!!!
Thanks To have asked me to describe all my changes it helped me to find out
the configuration trouble


So I can login, associated with the admin role (which is mapped with
partenaires_admin role defined in my ldap.
With the admin interface, I could create a user, and associate a role with
him.

Unfortunaltely, no password is stored in the ldap. Do I have to mapped a
userPassword attribute?

I recapitulate here the complete changes (help for next users which will
want to do the same thing, I hope).


Comparaison de: Q:\Apache\Jetspeed-2.2.1PourLdap\webapps\jetspeed\WEB-INF
\assembly\security-ldap.xml
Avec: Q:\Apache\Jetspeed-2.2.1ORI\webapps\jetspeed\WEB-INF\assembly
\security-ldap.xml
=======
1         * <?xml version="1.0" encoding="UTF-8"?>  * <?xml version="1.0"
encoding="UTF-8"?>
         !>

User DAO configuration attributes: I removed cn,  sn and given  Name, and
replaced by BNFMemberOf.  I've changed the class (inetOrgPerson -> BnFUser.

179       *     <property name="ldapIdAttribute" value="BnFIdentifiant" />  *
<property name="ldapIdAttribute" value="uid" />
180       *     <property name="objectClasses" value="BNFUser"/>  *
<property name="objectClasses"
value="inetOrgPerson,organizationalPerson,person,top"/>
184       *           <constructor-arg index="0" value="BnFIdentifiant" />  *
<constructor-arg index="0" value="uid" />
190       *             <bean
class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
*         <bean
class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
191       *           <constructor-arg index="0" value="BnFMemberOf" />  *
<constructor-arg index="0" value="cn" />
192       *           <constructor-arg index="1" value="true" />  *
<constructor-arg index="1" value="false" />
194       *           <property name="required" value="false"/>  *
<property name="required" value="true"/>
195       *           <property name="idAttribute" value="false"/>  *
<property name="idAttribute" value="true"/>
         !>         </bean>
         !>         <bean
class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
         !>           <constructor-arg index="0" value="sn" />
         !>           <constructor-arg index="1" value="false" />
         !>           <constructor-arg index="2" value="false" />
         !>           <property name="required" value="true"/>
         !>           <property name="idAttribute" value="true"/>
         !>         </bean>
         !>         <bean
class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
         !>           <constructor-arg index="0" value="givenName" />
         !>           <constructor-arg index="1" value="false" />
         !>           <constructor-arg index="2" value="true" />
         !>           <constructor-arg index="3" value="user.name.given" />

RoleDaoConfiguration: class name of role class: groupOfName -> groupOfURLS.
attibute member -> uniqueMember
211       *     <property name="objectClasses" value="groupOfURLs"/>  *
<property name="objectClasses" value="groupOfNames,extensibleObject"/>
228       *           <constructor-arg index="0" value="uniqueMember" />  *
<constructor-arg index="0" value="member" />
231       *           <property name="required" value="false" />  *
<property name="required" value="true" />
         !>

UserRoleRelationDAO
I've tried different cases: changing relationAttribute, or just
construction
relationAttribute member -> BnFMemberOf.

useFromEntityAttribute false -> true (In the other sens, the jetspeed
couldn't find urole associated with a user. So I inverted the sens of the
research, and the roles associated with the user were found.And

And that the trouble , I had changed this line isMemberOf -> member
290       *         <constructor-arg index="0" value="member" />  *
<constructor-arg index="0" value="isMemberOf" />
I changed it back to
 <constructor-arg index="0" value="member" />
and it WORKS !!!

285       *     <property name="relationAttribute" value="BnFMemberOf" />  *
<property name="relationAttribute" value="member" />
287       *     <property name="useFromEntityAttribute" value="true" />  *
<property name="useFromEntityAttribute" value="false" />

290       *         <constructor-arg index="0" value="member" />  *
<constructor-arg index="0" value="isMemberOf" />

Regards,
Jérôme


Exposition  Vogue : l'aventure d'une maison de disque  - jusqu'au13 novembre 
2011 - BnF - François-Mitterrand / Allée Julien Cain Avant d'imprimer, pensez à 
l'environnement. 
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Re: authentificating with ldap javax.security.auth.login.LoginException on org.apache.catalina.realm.JAASRealm authenticate

Reply via email to