Are you using JBOSS AS for deploying Guvnor? You may want to try a newer version of JBOSS AS. Guvnor just uses standard JAAS , in your case, if there is sth wrong, its more likely its sth wrong with the LdapExtLoginModule.
Cheers, Jervis wrote: > I am able to authenticate with Active Directory but with only a single > organizational unit but not with users of multiple organizational units > This is my organizational structure > +cn=test,cn=con > --+ou=Sample1 > -----uid:user1,uid:user2 > --+ou=Sample2 > -----uid:user3,uid:user4 > --+roles > -----admin:uid:user1,user3 > -----user:uid:user2,user4 > > I have set the admin rights accordingly in Guvnor. > I am using Jboss Guvnor standalone 4.2.3 and I am trying to connect > multiple organizational units using JAAS > my login-config.xml > --------------------- > <application-policy name="adConnection"> > <authentication> > <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" > flag="required" > > <module-option > name="java.naming.provider.url">ldap://c.test.com:389/</module-option> > <module-option > name="java.naming.security.authentication">simple</module-option> > <module-option > name="bindDN">CN=Administrator,CN=Users,dc=test,dc=com</module-option> > <module-option name="bindCredential">password</module-option> > <module-option name="baseCtxDN">OU=Sample1,dc=test,dc=com</module-option> > <module-option name="baseFilter">(CN={0})</module-option> > <module-option name="rolesCtxDN">OU=roles,dc=test,dc=com</module-option> > <module-option name="uidAttributeID">member</module-option> > <module-option name="matchOnUserDN">true</module-option> > <module-option name="roleFilter">(member={1})</module-option> > <module-option name="roleAttributeID">CN</module-option> > <module-option name="roleRecursion">-1</module-option> > </login-module> > <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" > flag="required" > > <module-option > name="java.naming.provider.url">ldap://c.test.com:389/</module-option> > <module-option > name="java.naming.security.authentication">simple</module-option> > <module-option > name="bindDN">CN=Administrator,CN=Users,dc=test,dc=com</module-option> > <module-option name="bindCredential">password</module-option> > <module-option name="baseCtxDN">OU=Sample2,dc=test,dc=com</module-option> > <module-option name="baseFilter">(CN={0})</module-option> > <module-option name="rolesCtxDN">OU=roles,dc=test,dc=com</module-option> > <module-option name="uidAttributeID">member</module-option> > <module-option name="matchOnUserDN">true</module-option> > <module-option name="roleFilter">(member={1})</module-option> > <module-option name="roleAttributeID">CN</module-option> > <module-option name="roleRecursion">-1</module-option> > </login-module> > </authentication> > </application-policy> > > and my component.xml > ------------------------- > <security:identity authenticate-method="#{authenticator.authenticate}" > jaas-config-name="adConnection"/> > > I donot get any errors in server console during deployment but when login > ,I cannot login into Guvnor and I get password or user name incorrect.Can > some one help me out > > > > _______________________________________________ rules-users mailing list [email protected] https://lists.jboss.org/mailman/listinfo/rules-users
