LDAP Integration with JBoss

 
Fady Matar
Greenhorn
Posts: 12
Hey all, I am trying to integrate Domino LDAP with JBoss, and here are the steps I have followed.
My LDAP schema is the following:
version: 1

dn: O=OJ
objectclass: organization
objectclass: top
o: OJ

dn: CN=Directory Manager,O=OJ
objectclass: organizationalRole
objectclass: top
objectclass: labeledURIObject
cn: DirectoryManager
cn: Directory Manager
roleoccupant: UID=fady,OU=People,O=OJ

dn: OU=Groups,O=OJ
objectclass: organizationalUnit
objectclass: top
ou: Groups

dn: CN=Administrators,OU=Groups,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Users
cn: Administrators
uniquemember: UID=fady,OU=People,O=OJ

dn: CN=Users,OU=Groups,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Users
uniquemember: UID=fady,OU=People,O=OJ
uniquemember: UID=harvey,OU=People,O=OJ

dn: OU=People,O=OJ
objectclass: organizationalUnit
objectclass: top
ou: People

dn: UID=fady,OU=People,O=OJ
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: fady
labeleduri: mailto:fady@OJ.net Directory Manager
mail: fady@OJ.net
sn: fady
uid: fady
userpassword:: KDU5QUZCNEZDRTBDMzIzOTA4MDFGMjVCNEQ5M0IxRkZFKQ==

dn: UID=grefenp,OU=People,O=OJ
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: grefenp
mail: grefenp@OJ.net
sn: grefenp
uid: grefenp
userpassword:: KDU5QUZCNEZDRTBDMzIzOTA4MDFGMjVCNEQ5M0IxRkZFKQ==

dn: OU=Roles,O=OJ
objectclass: organizationalUnit
objectclass: top
ou: Roles

dn: CN=Admin_Members,OU=Roles,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Admin_Members
uniquemember: CN=Administrators,OU=Groups,O=OJ

dn: CN=Members,OU=Roles,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Members
uniquemember: CN=Users,OU=Groups,O=OJ

I updated the login-config.xml and added to it the following:
<application-policy name="ldapdomain">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
      <module-option name="java.naming.provider.url">ldap://shakfuserver:389/</module-option>
      <module-option name="java.naming.security.authentication">simple</module-option>
      <module-option name="principalDNPrefix">uid=</module-option>
      <module-option name="principalDNSuffix">,ou=People,o=OpenJ2EE</module-option>
      <module-option name="uidAttributeID">uid</module-option>
      <module-option name="roleAttributeID">cn</module-option>
      <module-option name="roleNameAttributeId">cn</module-option>
      <module-option name="roleAttributeIsDN">false</module-option>
      <module-option name="matchOnUserDN">false</module-option>
      <module-option name="rolesCtxDN">ou=Groups,o=OpenJ2EE</module-option>
      <module-option name="unauthenticatedIdentity">nobody</module-option>
    </login-module>
  </authentication>
</application-policy>
My problem is that I'm unable to authenticate any user. I'm always redirected to the login error page.
Any help is highly appreciated.
Best Regards,
Fady
 
norman richards
Author
Ranch Hand
Posts: 367
One problem might be that your JBoss config refers to o=Open J2EE but the LDIF data you have refers to o=OJ.
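
A consistency check for the mismatch pointed out above, as an added example that is not part of the thread: it reads the module options and a constructed excerpt of the LDIF and reports configured DNs that do not exist in the directory data. CONFIG, LDIF, norm, parse_ldif and check are hypothetical names; the LDIF reader is simplified (no line folding or base64 values), and the role lookup it models is an assumption based on the meaning of uidAttributeID and matchOnUserDN.

```python
import re
import xml.etree.ElementTree as ET

# Constructed excerpts of the thread's login-config.xml options and LDIF entries.
CONFIG = """<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
  <module-option name="principalDNPrefix">uid=</module-option>
  <module-option name="principalDNSuffix">,ou=People,o=OpenJ2EE</module-option>
  <module-option name="rolesCtxDN">ou=Groups,o=OpenJ2EE</module-option>
  <module-option name="uidAttributeID">uid</module-option>
  <module-option name="matchOnUserDN">false</module-option>
</login-module>"""
LDIF = """dn: OU=Groups,O=OJ

dn: CN=Users,OU=Groups,O=OJ
uniquemember: UID=fady,OU=People,O=OJ

dn: UID=fady,OU=People,O=OJ
uid: fady"""

def norm(dn):
    """Simplified DN comparison: case-insensitive, spaces around commas ignored."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):
    """Map normalized DN -> {attribute: [values]}; entries are blank-line separated."""
    entries = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        attrs = {}
        for line in block.splitlines():
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        entries[norm(attrs["dn"][0])] = attrs
    return entries

def check(config_xml, ldif_text, user):
    """Return the mismatches between the module options and the directory data."""
    opts = {o.get("name"): o.text.strip() for o in ET.fromstring(config_xml).iter("module-option")}
    entries = parse_ldif(ldif_text)
    user_dn = norm(opts["principalDNPrefix"] + user + opts["principalDNSuffix"])
    ctx = norm(opts["rolesCtxDN"])
    targets = (("bind DN", user_dn), ("rolesCtxDN", ctx))
    problems = [label + " missing: " + dn for label, dn in targets if dn not in entries]
    # Assumed role lookup: entry below rolesCtxDN with uidAttributeID == user name (or DN).
    wanted = user_dn if opts["matchOnUserDN"] == "true" else user.lower()
    attr = opts["uidAttributeID"].lower()
    if not any(dn.endswith("," + ctx) and wanted in map(norm, a.get(attr, []))
               for dn, a in entries.items()):
        problems.append("no role entry matches %s=%s" % (attr, wanted))
    return problems
```

With the options as posted, check(CONFIG, LDIF, "fady") reports both configured DNs as missing. After replacing o=OpenJ2EE with o=OJ, the only remaining finding is the role lookup, which matches on uid while the groups list their members as uniquemember DNs.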
 
Fady Matar
Greenhorn
Posts: 12
Thanks for pointing this out, but this is not the problem since it's just a typo mistake.
Any other suggestions?
 