I have been trying to setup LDAP in JBoss Portal, I have the user authenticating but, I don't know how to get the correct role to get logged in.
I get a "HTTP Status 403 - Access to the requested resource has been denied" which I believe is due to the group/role not be resolved correctly. I am using the LdapExtLoginModule below is the trace from the log file after trying to get logged in. Any help would be appreciated... ################################################### 08:12:41,235 DEBUG [CoyoteAdapter] Requested cookie session id is 5A3FCFF056D82C70B3E68866F9CE0384 08:12:41,235 DEBUG [AuthenticatorBase] Security checking request POST /portal/j_security_check 08:12:41,235 DEBUG [FormAuthenticator] Authenticating username 'dsj0920' 08:12:41,235 DEBUG [FormAuthenticator] Authentication of 'XXX0920' was successful 08:12:41,235 DEBUG [FormAuthenticator] Redirecting to original '/portal' 08:12:41,235 DEBUG [AuthenticatorBase] Failed authenticate() test ??/portal/j_security_check 08:12:41,235 DEBUG [CoyoteAdapter] Requested cookie session id is 5A3FCFF056D82C70B3E68866F9CE0384 08:12:41,235 DEBUG [AuthenticatorBase] Security checking request GET /portal 08:12:41,235 DEBUG [RealmBase] Checking constraint 'SecurityConstraint[Authenticated]' against GET / --> true 08:12:41,235 DEBUG [RealmBase] Checking constraint 'SecurityConstraint[Secure]' against GET / --> false 08:12:41,235 DEBUG [RealmBase] Checking constraint 'SecurityConstraint[Secure+Authenticated]' against GET / --> false 08:12:41,235 DEBUG [RealmBase] Checking constraint 'SecurityConstraint[Authenticated]' against GET / --> true 08:12:41,235 DEBUG [RealmBase] Checking constraint 'SecurityConstraint[Secure]' against GET / --> false 08:12:41,235 DEBUG [RealmBase] Checking constraint 'SecurityConstraint[Secure+Authenticated]' against GET / --> false 08:12:41,235 DEBUG [AuthenticatorBase] Calling hasUserDataPermission() 08:12:41,235 DEBUG [RealmBase] User data constraint has no restrictions 08:12:41,235 DEBUG [AuthenticatorBase] Calling authenticate() 08:12:41,235 DEBUG [FormAuthenticator] Restore request from session '5A3FCFF056D82C70B3E68866F9CE0384' 08:12:41,235 DEBUG [AuthenticatorBase] Authenticated 'XXX0920' with type 'FORM' 08:12:41,235 DEBUG [FormAuthenticator] Proceed to restored request 08:12:41,235 DEBUG [AuthenticatorBase] Calling accessControl() 08:12:41,235 DEBUG [RealmBase] Username XXX0920 does NOT have role Authenticated 08:12:41,235 DEBUG [AuthenticatorBase] Failed accessControl() test Here is what the RoleDN output is: ################################################ 08:15:51,032 DEBUG [AuthenticatorBase] Security checking request GET /portal 08:15:51,032 DEBUG [AuthenticatorBase] We have cached auth type FORM for principal GenericPrincipal[dsj0920(CN=AccessIT,CN=Users,DC=adomain,DC=com,CN=Admin,OU=Security Groups,OU=Adomain Users,DC=adomain,DC=com,CN=Citrix Users,OU=Farm,OU=Citrix,DC=adomain,DC=com,CN=GG AP All Associates,OU=Security Groups,OU=AdomainUsers,DC=adomain,DC=com,CN=GG AP All Information Systems,OU=Security Groups,OU=Adomain Users,DC=adomain,DC=com,CN=GG AP Portal Admins,OU=Security Groups,OU=Adomain Users,DC=adomain,DC=com,CN=GG AP Portal Module Administrators,OU=Security Groups,OU=Adomain Users,DC=adomain,DC=com,CN=GG FA Associate Portal Development,CN=Users,DC=adomain,DC=com,CN=GG FA HROL Credentialing File Access,CN=Users,DC=adomain,DC=com,CN=Help Desk,CN=Users,DC=adomain,DC=com,CN=INFOSYS,CN=Users,DC=adomain,DC=com,CN=IS - Apps Team,CN=Users,DC=adomain,DC=com,CN=MRI NIMC,CN=Users,DC=adomain,DC=com,CN=Telecom,CN=Users,DC=adomain,DC=com,CN=\#Associate Portal Steering Committee,CN=Distribution Lists! ,CN=Users,DC=adomain,DC=com,CN=\#Change Management,CN=Distribution Lists,CN=Users,DC=adomain,DC=com,CN=\#Company-Wide,CN=Distribution Lists,CN=Users,DC=adomain,DC=com,CN=\#Core Upgrade Applications Team,CN=Distribution Lists,CN=Users,DC=adomain,DC=com,CN=\#IS-Application Team,CN=Distribution Lists,CN=Users,DC=adomain,DC=com,CN=\#IS-CHS31,CN=Distribution Lists,CN=Users,DC=adomain,DC=com,)] View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3975481#3975481 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3975481 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user