Hi All,
I am using JBoss to deploy an application and LDAP to store the user data required 
for login.
I have implemented a custom login module in login-config.xml, which looks like:
------------------------------------------------------------------------------
<application-policy name="testLDAP">
  <login-module code="com.wipro.test.jaas.loginmodules.LdapLoginModule" flag="required">
    <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
    <module-option name="java.naming.provider.url">ldap://localhost:389/dc=example,dc=com</module-option>
    <module-option name="java.naming.security.authentication">simple</module-option>
    <module-option name="java.naming.security.principal">dc=example,dc=com</module-option>
    <module-option name="java.naming.security.credentials">secret</module-option>
    <module-option name="principalDNSuffix">ou=Sales</module-option>
    <module-option name="uidAttributeID">mail</module-option>
    <module-option name="passwordAttribute">userPassword</module-option>
    <module-option name="roleAttributeID">telephoneNumber</module-option>
  </login-module>
</application-policy>
--------------------------------------------------------------------------------------

I have specified the security domain in jboss-web.xml, which looks like:
--------------------------------------------------------------------------------------
<?xml version="1.0"?>
<jboss-web>
  <!-- All secured web content uses this security manager -->
  <security-domain>java:/jaas/testLDAP</security-domain>
</jboss-web>
--------------------------------------------------------------------------------------
My customised login module works fine for authentication, but if authentication 
succeeds it leads me to an error page saying "Access to the requested resource 
has been denied".

My web.xml is as follows:

--------------------------------------------------------------------------------------
<login-config>
  <auth-method>FORM</auth-method>
  <realm-name>Authentication Area</realm-name>
  <form-login-config>
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/error.jsp</form-error-page>
  </form-login-config>
</login-config>

<security-constraint>
  <web-resource-collection>
    <web-resource-name>SecurePages</web-resource-name>
    <description>Security constraint /secure</description>
    <url-pattern>*.do</url-pattern>
    <http-method>POST</http-method>
    <http-method>GET</http-method>
  </web-resource-collection>

  <auth-constraint>
    <role-name>manager</role-name>
  </auth-constraint>

  <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
  </user-data-constraint>
</security-constraint>

<security-role>
  <role-name>manager</role-name>
</security-role>
--------------------------------------------------------------------------------------
My LDAP entries look like:
# Employees
dn: cn=aarti, ou=Sales, dc=example, dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: aarti
gn: RT
sn: Gagneja
mail: [EMAIL PROTECTED]
userPassword: xyz
telephoneNumber: manager
--------------------------------------------------------------------------------------

I don't know where I am going wrong. Do I need to specify roles somewhere else 
also? Any help is appreciated.
Thanks in advance.

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4148571#4148571
