
how to specify the group to authenticate user in ldaploginmodule and jboss configuration

vivien heudt

I would like to authenticate the user only if he is in a specific group.

For my test I have two users:

one user is in the FIRST GROUP
the other is in the SECOND GROUP

I have an Active Directory:
usr1 is in the "admin", usr2 is in the "usr" and I authenticate the user via JBoss with LdapLoginModule in the standalone.xml.


<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient">
    <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
    <module-option name="java.naming.provider.url" value="ldap://ldaphost"/>
    <module-option name="rolesCtxDN" value="CN=admin,OU=Role,DC=ldaphost,DC=xxx"/>
    <module-option name="principalDNSuffix" value="@ldaphost.xxx"/>
    <module-option name="java.naming.security.authentication" value="simple"/>
</login-module>

The result is:

usr1 logs in successfully
usr2 logs in successfully too
So the rolesCtxDN used does not work properly or is not used at all, and I have no error.

Does someone have an idea of the problem? Does anyone have another way to use a user according to his group?
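
LdapLoginModule authenticates by binding as the user and only afterwards searches rolesCtxDN for roles, so the role options decide which roles a user gets, not whether the bind succeeds. The following is an added example, not code from the post or from JBoss: a small audit of the login-module element posted above that reports which role-lookup options are left at their documented defaults. The function name `audit_login_module` and the finding texts are made up for this illustration.

```python
import xml.etree.ElementTree as ET

# Documented LdapLoginModule defaults that apply when an option is omitted.
ROLE_LOOKUP_DEFAULTS = {"uidAttributeID": "uid", "roleAttributeID": "roles"}

# The login-module element from the post, closed so that it parses.
POSTED_CONFIG = """
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient">
  <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
  <module-option name="java.naming.provider.url" value="ldap://ldaphost"/>
  <module-option name="rolesCtxDN" value="CN=admin,OU=Role,DC=ldaphost,DC=xxx"/>
  <module-option name="principalDNSuffix" value="@ldaphost.xxx"/>
  <module-option name="java.naming.security.authentication" value="simple"/>
</login-module>
"""

def audit_login_module(xml_text):
    """Return findings about how this module will look up roles (hypothetical helper)."""
    module = ET.fromstring(xml_text)
    if not module.get("code", "").endswith(".LdapLoginModule"):
        return ["not an LdapLoginModule; nothing checked"]
    # Compare local tag names so a namespaced standalone.xml fragment also works.
    opts = {o.get("name"): o.get("value")
            for o in module.iter() if o.tag.split("}")[-1] == "module-option"}
    findings = []
    if "rolesCtxDN" in opts:
        # rolesCtxDN is only the base of the role search that runs after the bind.
        findings.append("rolesCtxDN=%s is a role search base, not a login filter"
                        % opts["rolesCtxDN"])
    else:
        findings.append("rolesCtxDN not set: no role search base configured")
    for name, default in ROLE_LOOKUP_DEFAULTS.items():
        if name not in opts:
            findings.append("%s not set: defaults to '%s'" % (name, default))
    url = opts.get("java.naming.provider.url", "")
    if url.startswith("ldap://") and opts.get("java.naming.security.authentication") == "simple":
        findings.append("simple bind over ldap:// sends the password without TLS")
    return findings

if __name__ == "__main__":
    for finding in audit_login_module(POSTED_CONFIG):
        print("-", finding)
```

Restricting access to one group is then an authorization decision: the application has to require the role that the module maps from that group.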