It now works when I put the parameters in the file that configures the 'appName' from the security realm.

I tried again to use the file but I do not get the URL in return. If I use the "users.properties" file in the same directory then I get a URL. Do I need to add my file to a variable somewhere? I can live without it but I am curious why it does not work this way.

Regards,

Marco
On 28-12-14 at 13:39, Marco de Booij wrote:
I did not use a debugger but I added a lot of LOGGER.info statements (I already removed most of them). As you can see I added 2 LOGGER.info statements in the initialize method. The first one gives "ldap : ldap.properties" and the second one, in the if statement, displays "URL == null" so this means that the ConfUtils.getConfResource cannot create a URL.

The content of the login.properties is:
LdapLogin {
    eu.debooy.jaas.ldap.DoosLoginModule required
    debug=true
    ldap="ldap.properties";
};
It cannot be the file attributes as the groups.properties is used by the PropertiesLoginModule:
-rw-r--r-- 1 tomee tomee  114 mei 20  2014 groups.properties
-rw-r--r-- 1 tomee tomee  337 dec 27 15:37 ldap.properties

Thanks for the link. The problem remains that it does not keep the cn and mail attribute in the UserPrincipal. About my problem with using a file in the conf directory: I will put the parameters in the login.properties instead of reading them from the ldap.properties file.

Regards,

Marco

On 28-12-14 at 11:50, Romain Manni-Bucau wrote:
Hi

Did you debug your loginmodule?

Fyi jvm has a ldap one
https://docs.oracle.com/javase/6/docs/jre/api/security/jaas/spec/com/sun/security/auth/module/LdapLoginModule.html

On 27 Dec 2014 18:38, "Marco de Booij" <[email protected]> wrote:

I am creating my own LoginModule. I need a UserPrincipal that holds also the common name and e-mail address of the user. I want to get these values from the LDAP.

I started with the PropertiesLoginModule so I could read a parameter file from the Tomee conf directory. For this I created the file ldap.properties. I changed the server.xml and the login.conf so all should be configured correctly. I put the JAR file with my UserPrincipal, GroupPrincipal and LoginModule in the Tomee lib directory. When I restart Tomee and try to access the Tomcat console I enter the username and password. My LoginModule is accessed but it cannot read the properties file. The URL (in the initialize method) is null.

When I put in the values of the ldap.properties in the source and comment out the reading of the file everything seems to work fine but I am refused access to the console (Code 403. The group manager-gui is fetched from the LDAP and put in the subject Principal rolePrincipal list).

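An added example, not code from this thread or from TomEE: one way a LoginModule's initialize method could load the file named by the `ldap` option, by resolving it against an explicit conf directory and failing with an exception instead of continuing with a null URL. The class name, the property keys and the temporary directory are constructed for the illustration; Java 11 or later is assumed.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Map;
import java.util.Properties;

// Hypothetical helper, meant to be called from LoginModule.initialize(...).
public final class LoginModuleSettings {

    /** Merges the file named by the "ldap" option (if any) with the inline JAAS options. */
    static Properties load(Map<String, ?> options, Path confDir) throws IOException {
        Properties settings = new Properties();
        Object name = options.get("ldap");
        if (name != null) {
            Path conf = confDir.toRealPath();
            Path file = conf.resolve(name.toString()).normalize();
            // Reject values such as "../x" or "/etc/x" that leave the conf directory.
            if (!file.startsWith(conf)) {
                throw new IOException("Outside conf directory: " + name);
            }
            // A missing or unreadable file raises an IOException here.
            try (InputStream in = Files.newInputStream(file)) {
                settings.load(in);
            }
        }
        // Inline options from the JAAS entry override values from the file.
        for (Map.Entry<String, ?> e : options.entrySet()) {
            settings.setProperty(e.getKey(), String.valueOf(e.getValue()));
        }
        return settings;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample data: a temporary directory standing in for the conf directory.
        Path conf = Files.createTempDirectory("conf");
        Files.writeString(conf.resolve("ldap.properties"), "host=ldap.example.org\nport=389\n");
        Properties p = load(Map.of("debug", "true", "ldap", "ldap.properties"), conf);
        System.out.println(p.getProperty("host") + " debug=" + p.getProperty("debug"));
        try {
            load(Map.of("ldap", "../ldap.properties"), conf);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```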