Can I ask has anyone managed to encrypt the bindCredential within the
login-config.xml
It seems like a serious security issue having plain text passwords.
Is this really the only way to allow users to login using the sAMAccountName
rather than the DN which uses the CN value. It would seem like
I think that you can use the SRPLoginModule with your LDAPLoginModule
http://www.ubookcase.com/book/Sams/JBoss.4.0.The.Official.Guide/0672326485/ch08lev1sec5.html
I have not tried yet to use it.
If you try, i'm interesting in the result :-)
View the original post :
I found an article
http://www.jboss.com/index.html?module=bbop=viewtopicp=3932448#3932448
Posted by cmiles123 who details the steps required to Encrypt the
bindCredentials.
Many thanks to cmiles123 for the post.
View the original post :
Hi,
We have another problem this time.
When a user is logged into my web application, he will be authenticated against
ADI using LdapExtLoginModule and he is allowed to access the application after
successful authentication and authorization.
But for us, the server is authentication and
Hi Neelixx,
The LdapExtLoginModule is awesome. Thanks a lot for your timely and valuable
help.
Finally our LdapExtLoginModule started working fine. Below is our
configuration. Hope this would help someone else, who is searching for similar
information.
This configuration information
Hi,
Thanks a lot for the quick response.
I have created a Security Group in AD with name AuthUserRole and assigned few
users, whom I want to authenticate.
anonymous wrote :
| distinguishedName = CN=AuthUserRole,OU=Security Groups,OU=DPI,OU=IC -
Applications and Computers,DC=company,DC=com
First and foremost, you need to work on authentication before working on
authorization.
If you aren't authenticating, authorization won't do you any good.
Best suggestion I have, is to enable debugging on security in JBoss. Then,
look at the logs to find out what's going on when you
Hi,
I have a J2EE WebApp which expects the user to have a specific role for
authorization (Authentication and Authorization will be against Active
Directory).
Environment details given below:
App Server : JBoss-4.0.5.GA
Directory Services : Microsoft Active Directory.
Steps - 1:
Created a
What is the role you are trying to obtain? Did you create a security-group
that the user is a part of, and trying to authorize based on group?
--Aaron
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=4026074#4026074
Reply to the post :
Well, I'm assuming you have a security group called AuthUserRole, and have
placed the user you are authenticating into that security group. I'm also
assuming you are using LdapExtLoginModule, and that the security group is
located in the search path defined by:
| module-option
10 matches
Mail list logo