Thanks Wolfgang. I did turn on the log and got the following message.
| 2009-07-07 11:14:31,243 TRACE [org.jboss.security.idm.UsernameAndPasswordLoginModule] Security domain: jboss-sso | 2009-07-07 11:14:31,243 TRACE [org.jboss.security.idm.UsernameAndPasswordLoginModule] Saw unauthenticatedIdentity=guest | 2009-07-07 11:14:31,243 TRACE [org.jboss.security.idm.UsernameAndPasswordLoginModule] login | 2009-07-07 11:14:31,290 DEBUG [org.jboss.security.idm.UsernameAndPasswordLoginModule] Bad password for username=tester | 2009-07-07 11:14:31,290 TRACE [org.jboss.security.idm.UsernameAndPasswordLoginModule] initialize, instan...@21101046 | 2009-07-07 11:14:31,290 TRACE [org.jboss.security.idm.UsernameAndPasswordLoginModule] Security domain: jboss-sso | 2009-07-07 11:14:31,290 TRACE [org.jboss.security.idm.UsernameAndPasswordLoginModule] Saw unauthenticatedIdentity=guest | 2009-07-07 11:14:31,290 TRACE [org.jboss.security.idm.UsernameAndPasswordLoginModule] login | 2009-07-07 11:14:31,321 DEBUG [org.jboss.security.idm.UsernameAndPasswordLoginModule] Bad password for username=tester | 2009-07-07 11:14:31,321 TRACE [org.jboss.security.idm.UsernameAndPasswordLoginModule] abort | 2009-07-07 11:14:31,321 TRACE [org.jboss.security.idm.UsernameAndPasswordLoginModule] abort | 2009-07-07 11:14:31,321 TRACE [org.jboss.security.plugins.JaasSecurityManager.jboss-sso] Login failure | javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required | at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | I guess, the jboss-sso.sar is connecting to the OpenDS ldap server. However, in the test application ear file, it is not validating the password correctly. You have mentioned something about the DynamicLoginConfig. I am using the DynamicLoginConfig, as you can see in the jboss-sso-test.ear file under jboss-service.xml | <?xml version="1.0" encoding="UTF-8"?> | <server> | <!-- hooking in a login module for the standalone version of JSF Forums --> | <!-- The custom JAAS login configuration that installs | a Configuration capable of dynamically updating the | config settings | --> | <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" | name="jboss.security.tests:service=LoginConfig"> | <attribute name="AuthConfig">META-INF/security-config.xml</attribute> | <depends optional-attribute-name="LoginConfigService"> | jboss.security:service=XMLLoginConfig | </depends> | <depends optional-attribute-name="SecurityManagerService"> | jboss.security:service=JaasSecurityManager | </depends> | </mbean> | </server> | For the DynamicLoginConfig, the following is the AuthConfig, I am using. I am not sure, if this is correct. BTW, I did not modify anything in the jboss-sso-test.ear file, after building from the jboss trunk. | <?xml version='1.0'?> | <!DOCTYPE policy PUBLIC | "-//JBoss//DTD JBOSS Security Config 3.0//EN" | "http://www.jboss.org/j2ee/dtd/security_config.dtd"> | | <!-- The JAAS login configuration file for the java:/jaas/jbossweb-form-auth | security domain used by the security-spec test case | --> | <policy> | <application-policy name="jboss-sso"> | <authentication> | <login-module code="org.jboss.security.idm.UsernameAndPasswordLoginModule" flag="sufficient"> | <module-option name="unauthenticatedIdentity">guest</module-option> | <module-option name="password-stacking">useFirstPass</module-option> | <!--module-option name="hashAlgorithm">MD5</module-option> | <module-option name="hashEncoding">HEX</module-option--> | <module-option name="authenticatedRoles">Authenticated,RegisteredUsers</module-option> | </login-module> | <login-module code="org.jboss.security.idm.UsernameAndPasswordLoginModule" flag="sufficient"> | <module-option name="unauthenticatedIdentity">guest</module-option> | <module-option name="password-stacking">useFirstPass</module-option> | <module-option name="authenticatedRoles">Authenticated,RegisteredUsers</module-option> | </login-module> | </authentication> | </application-policy> | </policy> | Do, I need to do something in the <JBOSS_HOME>/server/default/conf/login-config.xml Or is it trying to use the encrypted password or something. Did someone get this jboss-sso-test.ear working? Thanks, Ganesh. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4242283#4242283 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4242283 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user