I have also had a lot of trouble using the LdapLoginModule successfully. I finally decided to roll my own implementation because I couldn't hardly read the code from the source distro ;-)
I also had a problem with the method by which the searches were being performed, specifically, that my roles weren't being returned from Domino LDAP using the method of searching currently in the source. I changed it to use SearchControls and all is well. Jon Brisbin --- Keene Hammond <[EMAIL PROTECTED]> wrote: > I removed all of the realms from the login-config.xml except the > LdapLogin Module and > still all default realms are loaded and my ldap realm is nowhere to > be found. > I am unable to change the default realms, was this working on any > previous 3.x jboss? > I was ok when using the auth.conf file in Jboss 2.4.3... But it does > not workin JBoss > 3.0.3 either. > I see one other person is having a similar problem today. Anyone > else? Any ideas? > -Keene > > Keene Hammond wrote: > > > Hi, > > I am unable to create a new security realm using the > LdapLoginModule. I > > would appreciate some help configuring a new realm to point to a > LDAP > > directory server. > > > > OS: XP pro SP1 > > JDK: 1.4.1_01 > > JBoss: 3.0.3 > > > > snippet from login-config.xml > > > > <!-- Internal Directory Service Authentication --> > > <application-policy name = "ldap"> > > <authentication> > > <login-module code = > > "org.jboss.security.auth.spi.LdapLoginModule" flag = "required"> > > <module-option > > > name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option> > > > > <module-option > > name="java.naming.security.authentication">simple</module-option> > > <module-option > name="principleDNPrefix">uid=</module-option> > > > > <module-option name="principleDNSuffix">,ou=People, > > o=Paychex Inc, c=US</module-option> > > <module-option > > name="uidAttributeID">uniqueMember</module-option> > > <module-option > name="roleAttributeID">cn</module-option> > > <module-option name="rolesCtxDN">ou=Groups,o=Paychex > > Inc,c=US</module-option> > > <module-option > name="matchOnUserDN">true</module-option> > > <module-option > > name="unauthenticatedIdentity">nobody</module-option> > > <module-option > > > name="java.naming.provider.url">ldap://testldap.paychex.com:389/</module-option> > > > > </login-module> > > </authentication> > > </application-policy> > > > > This is what I get: > > ... > > java: Namespace > > > > +- jaas (class: javax.naming.Context) > > | +- other (class: > > org.jboss.security.plugins.SecurityDomainContext) > > | +- JmsXARealm (class: > > org.jboss.security.plugins.SecurityDomainContext) > > | +- jbossmq (class: > > org.jboss.security.plugins.SecurityDomainContext) > > | +- http-invoker (class: > > org.jboss.security.plugins.SecurityDomainContext) > > +- wtgDS (class: > > org.jboss.resource.adapter.jdbc.local.LocalDataSource) > > ... > > > > I have also tried to use the old auth.conf as well without success. > > Does anyone know what I am doing wrong? > > -Keene > > > > ------------------------------------------------------- > > This sf.net email is sponsored by: See the NEW Palm > > Tungsten T handheld. Power & Color in a compact size! > > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en > > _______________________________________________ > > JBoss-user mailing list > > [EMAIL PROTECTED] > > https://lists.sourceforge.net/lists/listinfo/jboss-user > > > > ------------------------------------------------------- > This sf.net email is sponsored by: See the NEW Palm > Tungsten T handheld. Power & Color in a compact size! > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en > _______________________________________________ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user ===== Thanks! Jon Brisbin [EMAIL PROTECTED] 417.682.6157 (h/w) 417.825.3995 (c) __________________________________________________ Do you Yahoo!? HotJobs - Search new jobs daily now http://hotjobs.yahoo.com/ ------------------------------------------------------- This sf.net email is sponsored by: See the NEW Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
