Hi, I searched in the forum, and found things, but never all the correct information in one place. I also read the jaas-howto, but there is not much about ldap. Well, it's been 2 days, and I can't get the roles for my users!
First, the ldap structure: This is the Tomcat sample schema, which is exactly the structure I have here.

    dc=mycompany,dc=com
    |_ ou=people
    |  |_ uid=user1
    |  |_ uid=user2
    |_ ou=groups
       |_ cn=role1
       |     uniqueMember=uid=user1,ou=people,dc=mycompany,dc=com
       |     uniqueMember=uid=user2,ou=people,dc=mycompany,dc=com
       |_ cn=role2
             uniqueMember=uid=user2,ou=people,dc=mycompany,dc=com

I can authenticate users (on openldap), but they never have their roles... I'm sure about my ldap, it works nicely with Tomcat.

Here is my config:

    <application-policy name="sicliRealm">
      <authentication>
        <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
          <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
          <module-option name="java.naming.provider.url">ldap://localhost:389/</module-option>
          <module-option name="java.naming.security.authentication">simple</module-option>
          <module-option name="principalDNPrefix">uid=</module-option>
          <module-option name="principalDNSuffix">,ou=people,dc=mycompany,dc=com</module-option>
          <module-option name="rolesCtxDN">ou=groups,dc=mycompany,dc=com</module-option>
          <module-option name="uidAttributeID">uniqueMember</module-option>
          <module-option name="roleAttributeID">cn</module-option>
          <module-option name="matchOnUserDN">false</module-option>
        </login-module>
      </authentication>
    </application-policy>

I tried so many combinations, but never had any roles on a user. So my first question is: what's wrong? How should I set up the LdapLoginModule?

My second problem is with Oracle OID: it needs authentication before any ldap access. I tried these properties (found somewhere in the forum) but nothing changed:

    <module-option name="java.naming.security.principal">uid=user1,ou=people,dc=mycompany,dc=com</module-option>
    <module-option name="java.naming.security.credentials">user1Pass</module-option>

How can I be authenticated?
Thanks a lot,
Frederic
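
An added example (not part of the original post and not JBoss code): a small Python model of the role lookup that the posted module options describe, run against a constructed in-memory copy of the ou=groups subtree above. It assumes the documented meaning of matchOnUserDN, namely that the search compares uidAttributeID against the bare login name when the flag is false and against the full user DN when it is true; the names match_value, role_filter and find_roles are hypothetical.

```python
# Added illustration: models the role lookup; it is not JBoss source code.
# Constructed copy of ou=groups from the post (no LDAP server involved).
GROUPS = {
    "cn=role1,ou=groups,dc=mycompany,dc=com": {
        "cn": ["role1"],
        "uniqueMember": ["uid=user1,ou=people,dc=mycompany,dc=com",
                         "uid=user2,ou=people,dc=mycompany,dc=com"],
    },
    "cn=role2,ou=groups,dc=mycompany,dc=com": {
        "cn": ["role2"],
        "uniqueMember": ["uid=user2,ou=people,dc=mycompany,dc=com"],
    },
}

# Module options exactly as posted.
POSTED = {
    "principalDNPrefix": "uid=",
    "principalDNSuffix": ",ou=people,dc=mycompany,dc=com",
    "rolesCtxDN": "ou=groups,dc=mycompany,dc=com",
    "uidAttributeID": "uniqueMember",
    "roleAttributeID": "cn",
    "matchOnUserDN": "false",
}
# Same options with only matchOnUserDN flipped.
WITH_DN_MATCH = dict(POSTED, matchOnUserDN="true")


def match_value(username, opts):
    """Value compared against uidAttributeID (assumed semantics, see lead-in)."""
    user_dn = opts["principalDNPrefix"] + username + opts["principalDNSuffix"]
    return user_dn if opts["matchOnUserDN"].lower() == "true" else username


def role_filter(username, opts):
    """Equality filter the role search would use under that assumption."""
    return "(%s=%s)" % (opts["uidAttributeID"], match_value(username, opts))


def find_roles(username, opts, directory=GROUPS):
    """Return roleAttributeID values of entries under rolesCtxDN that match."""
    wanted = match_value(username, opts).lower()
    suffix = "," + opts["rolesCtxDN"].lower()
    roles = []
    for dn, attrs in directory.items():
        members = [m.lower() for m in attrs.get(opts["uidAttributeID"], [])]
        if dn.lower().endswith(suffix) and wanted in members:
            roles.extend(attrs.get(opts["roleAttributeID"], []))
    return sorted(roles)


if __name__ == "__main__":
    for name, opts in (("posted", POSTED), ("matchOnUserDN=true", WITH_DN_MATCH)):
        print(name, role_filter("user1", opts), find_roles("user1", opts))
```

Under that assumption the posted options compare `user1` with uniqueMember values that hold full DNs, so no group entry matches; with the flag set to true the same directory yields role1 for user1.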