Hello List,
I'm trying to perform authentication against Windows 2000 Active Directory
(which is LDAP).
In my domain I have two groups (Tuser and Tadmin) and users assigned to
them. The security definition in the deployment descriptor of my beans
comply to those. I've tested before my application with
org.jboss.security.auth.spi.UsersRolesLoginModule and everything works fine.
I have JBoss running in Linux and Win2000.
I used the LDAP configuration in auth.conf as described in
http://www.jboss.org/documentation/HTML/ch09s17.html and I'm getting the
following error:
[siigpstestBean] CONTAINER EXCEPTION:Configuration Error:
Line 31: expected 'option key', found 'null'
[siigpstestBean] java.lang.SecurityException: Configuration Error:
[siigpstestBean] Line 31: expected 'option key', found 'null'
[siigpstestBean] at
com.sun.security.auth.login.ConfigFile.getAppConfigur
ationEntry(ConfigFile.java:221)
[siigpstestBean] at
javax.security.auth.login.LoginContext.init(LoginCont
ext.java:172)
[siigpstestBean] at
javax.security.auth.login.LoginContext.<init>(LoginCo
ntext.java:266)
[siigpstestBean] at
javax.security.auth.login.LoginContext.<init>(LoginCo
ntext.java:380)
[siigpstestBean] at
org.jboss.security.plugins.JaasSecurityManager.defaul
tLogin(JaasSecurityManager.java:351)
My auth.conf is as follows:
libsec {
org.jboss.security.plugins.samples.LdapLoginModule required
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
principalDNPrefix=uid=
uidAttributeID=userid
roleAttributeID=rolenames
principalDNSuffix=,ou=People,o=mydomain.com
rolesCtxDN=ou=Users,cn=Project1,ou=Projects,o=mydomain.com
java.naming.provider.url=ldap://hall:389/
java.naming.security.authentication=simple
};
I've tried to put "users" in uidAttributeID and "group" in roleAttributeID,
commented out several the prefix lines, tried different values for
rolesCtxDN,.... it's like shooting in the dark..
Can please someone enlighten me on this??? Is this the correct approach for
performing authentication and authorisation in a win 2000 server?? is it
necessary to perform something special on win 2000???
Thanks in advance,
Carlos Ferrao
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user