Try just running the JNDI code used by the LdapLoginModule and see what
the issue is. There have been issues reported about using JNDI to access
active directory.
You can see the code here:
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/jboss/jbosssx/src/main/org/jb
oss/security/auth/spi/LdapLoginModule.java?rev=1.4&content-type=text/vnd.vie
wcvs-markup
- Original Message -
From: "Carlos Ferrão" <[EMAIL PROTECTED]>
To: "jboss ml" <[EMAIL PROTECTED]>
Sent: Wednesday, September 19, 2001 12:26 PM
Subject: [JBoss-user] LDAPLoginModule used with Win2000
>
> Hello List,
>
> I'm trying to perform authentication against Windows 2000 Active Directory
> (which is LDAP).
> In my domain I have two groups (Tuser and Tadmin) and users assigned to
> them. The security definition in the deployment descriptor of my beans
> comply to those. I've tested before my application with
> org.jboss.security.auth.spi.UsersRolesLoginModule and everything works
fine.
> I have JBoss running in Linux and Win2000.
>
> I used the LDAP configuration in auth.conf as described in
> http://www.jboss.org/documentation/HTML/ch09s17.html and I'm getting the
> following error:
>
> [siigpstestBean] CONTAINER EXCEPTION:Configuration Error:
> Line 31: expected 'option key', found 'null'
> [siigpstestBean] java.lang.SecurityException: Configuration Error:
> [siigpstestBean]Line 31: expected 'option key', found 'null'
> [siigpstestBean]at
> com.sun.security.auth.login.ConfigFile.getAppConfigur
> ationEntry(ConfigFile.java:221)
> [siigpstestBean]at
> javax.security.auth.login.LoginContext.init(LoginCont
> ext.java:172)
> [siigpstestBean]at
> javax.security.auth.login.LoginContext.(LoginCo
> ntext.java:266)
> [siigpstestBean]at
> javax.security.auth.login.LoginContext.(LoginCo
> ntext.java:380)
> [siigpstestBean]at
> org.jboss.security.plugins.JaasSecurityManager.defaul
> tLogin(JaasSecurityManager.java:351)
>
> My auth.conf is as follows:
>
> libsec {
> org.jboss.security.plugins.samples.LdapLoginModule required
> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
> principalDNPrefix=uid=
> uidAttributeID=userid
> roleAttributeID=rolenames
> principalDNSuffix=,ou=People,o=mydomain.com
> rolesCtxDN=ou=Users,cn=Project1,ou=Projects,o=mydomain.com
> java.naming.provider.url=ldap://hall:389/
> java.naming.security.authentication=simple
> };
>
> I've tried to put "users" in uidAttributeID and "group" in
roleAttributeID,
> commented out several the prefix lines, tried different values for
> rolesCtxDN, it's like shooting in the dark..
>
> Can please someone enlighten me on this??? Is this the correct approach
for
> performing authentication and authorisation in a win 2000 server?? is it
> necessary to perform something special on win 2000???
>
> Thanks in advance,
> Carlos Ferrao
>
>
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user
>
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user