Is it me or is it a bug?
I tried to login with a username that exist in LDAP but with BLANK password.
The login was successful.
login-config.xml Configuration as below
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule"
flag="required" >
<module-option
name="java.naming.provider.url">ldap://127.0.0.1:389</module-option>
<module-option name="bindDN">cn=Directory Manager</module-option>
<module-option name="bindCredential">password</module-option>
<module-option
name="baseCtxDN">ou=People,o=domain.com</module-option>
<module-option name="baseFilter">(uid={0})</module-option>
<module-option
name="rolesCtxDN">ou=Groups,o=domain.com</module-option>
<module-option name="roleFilter">(uniqueMember={1})</module-option>
<module-option name="roleAttributeID">cn</module-option>
<module-option name="roleAttributeIsDN">false</module-option>
<module-option name="roleNameAttributeID">cn</module-option>
<module-option name="roleRecursion">2</module-option>
<module-option name="searchScope">SUBTREE_SCOPE</module-option>
</login-module>
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4126004#4126004
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4126004
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
