[JBoss-user] LDAPLoginModule used with Win2000

Wed, 19 Sep 2001 12:05:52 -0700 


        Hello List,

        I'm trying to perform authentication against Windows 2000 Active Directory
(which is LDAP).
        In my domain I have two groups (Tuser and Tadmin) and users assigned to
them. The security definition in the deployment descriptor of my beans
comply to those. I've tested before my application with
org.jboss.security.auth.spi.UsersRolesLoginModule and everything works fine.
I have JBoss running in Linux and Win2000.

I used the LDAP configuration in auth.conf as described in
http://www.jboss.org/documentation/HTML/ch09s17.html and I'm getting the
following error:

[siigpstestBean] CONTAINER EXCEPTION:Configuration Error:
        Line 31: expected 'option key', found 'null'
[siigpstestBean] java.lang.SecurityException: Configuration Error:
[siigpstestBean]        Line 31: expected 'option key', found 'null'
[siigpstestBean]        at
com.sun.security.auth.login.ConfigFile.getAppConfigur
ationEntry(ConfigFile.java:221)
[siigpstestBean]        at
javax.security.auth.login.LoginContext.init(LoginCont
ext.java:172)
[siigpstestBean]        at
javax.security.auth.login.LoginContext.<init>(LoginCo
ntext.java:266)
[siigpstestBean]        at
javax.security.auth.login.LoginContext.<init>(LoginCo
ntext.java:380)
[siigpstestBean]        at
org.jboss.security.plugins.JaasSecurityManager.defaul
tLogin(JaasSecurityManager.java:351)

        My auth.conf is as follows:

libsec {
    org.jboss.security.plugins.samples.LdapLoginModule required
        java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
        principalDNPrefix=uid=
        uidAttributeID=userid
        roleAttributeID=rolenames
        principalDNSuffix=,ou=People,o=mydomain.com
        rolesCtxDN=ou=Users,cn=Project1,ou=Projects,o=mydomain.com
        java.naming.provider.url=ldap://hall:389/
        java.naming.security.authentication=simple
};

        I've tried to put "users" in uidAttributeID and "group" in roleAttributeID,
commented out several the prefix lines, tried different values for
rolesCtxDN,.... it's like shooting in the dark..

        Can please someone enlighten me on this??? Is this the correct approach for
performing authentication and authorisation in a win 2000 server?? is it
necessary to perform something special on win 2000???

        Thanks in advance,
        Carlos Ferrao


_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to