Hi,
Not sure we were having the same problem.
My problem certainly looked like yours.
>From my SunEnterpriseSystem LDAP server
access log (SunONE, or iPlanet), I saw:
SRCH
base="ou=groups,o=root"
scope=2
filter="(uniqueMember=*)" attrs="cn"
In other words, all groups under ou=groups,o=root
were assigned to the authenticated user.
The problem of course is the filter.
It should be (uniqueMember=username)
or (uniqueMember=uid=username,ou=people,o=root).
What I did was to modify
jboss-4.0.3SP1-src/security/src/main/org/jboss/security/auth/spi/LdapLoginModule.java
a bit.
original: answer = ctx.search(rolesCtxDN, roleFilter.toString(), filterArgs,
controls);
new: answer = ctx.search(rolesCtxDN, "("+uidAttrName+"="+userToMatch+")",
controls);
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3923498#3923498
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3923498
---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
