• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Devaka Cooray
  • Knute Snortum
  • Paul Clapham
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Bear Bibeault
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Ron McLeod
  • Piet Souris
  • Frits Walraven
Bartenders:
  • Ganesh Patekar
  • Tim Holloway
  • salvin francis

JBoss EAP 6.1 LDAP Extended Login Module not Authorizing  RSS feed

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I am currently trying to implement LDAP authentication using the JBoss LdapExtLoginModule.
I should say I have it working using the JBoss LdapLoginModule and it authenticates fine but when I use the Extended version it doesn't work.
I am also trying to retrieve the groups from active directory, and map them to set roles in the application but im not having much success, I have read it can be done with the extended login module hence my reason for using it.

Can anyone help?

Here is my code:

standalone.xml


Jboss-web.xml


The working code I have is the following:

standalone.xml


Thanks!
 
Sheriff
Posts: 21744
102
Chrome Eclipse IDE Java Spring Ubuntu VI Editor Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The javadoc (https://docs.jboss.org/jbossas/javadoc/4.0.4/security/org/jboss/security/auth/spi/LdapExtLoginModule.html) mentions options jaasSecurityDomain. Have you tried setting it?

Note: when trying to read the javadoc, view the page source. That gives you some better formatting of the class documentation.
 
Dan Ralphs
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am a little unsure what value I assign to the setting as there isnt any documentation on the option other than this.

"This can be encrypted if the jaasSecurityDomain is specified. __jaasSecurityDomain__ : The JMX ObjectName of the JaasSecurityDomain to use to decrypt the java.naming.security.principal. The encrypted form of the password is that returned by the JaasSecurityDomain#encrypt64(byte[]) method."

Are you saying it may work if I encrypt the password?
Shouldnt it work unencrypted too?

Thanks!
 
Rob Spoor
Sheriff
Posts: 21744
102
Chrome Eclipse IDE Java Spring Ubuntu VI Editor Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
To be honest I don't know, but it would seem logical to be able to specify the security domain without having to encrypt it. I'd say, give it a try (both with and without the java: prefix).
 
Because those who mind don't matter and those who matter don't mind - Seuss. Tiny ad:
how do I do my own kindle-like thing - without amazon
https://coderanch.com/t/711421/engineering/kindle-amazon
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!