It's not a secret anymore!*
The moose likes JBoss/WildFly and the fly likes LdapLoginModule - almost working Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "LdapLoginModule - almost working" Watch "LdapLoginModule - almost working" New topic
Author

LdapLoginModule - almost working

Asif Rahman
Greenhorn

Joined: Oct 01, 2010
Posts: 3
Hello,

I have been playing around with the LdapLoginModule and trying to secure my web app by authenticating users against LDAP. I was able to do it against a local LDAP server that I had set up, with the following configurations in my login-config.xml file within my JBOSS server:



However, the problem arises when I try to configure this against an external ldap server with a slightly different directory structure. Here are my configurations for that:




There is no uid attribute for users in this server and I need to authenticate by sAMAccountName. I'm thinking I'm misreading the LdapLoginModule specs on the JBOSS community and am very close to making this work - just not sure exactly where my mistake is, probably because I've been looking at this for too long and need a second pair of eyes.

Here's what the user I'm trying to test with looks like in my LDAP directory:

distinguishedName: CN=Fname Sname,OU=Admin Users,OU=HQ,OU=Administration,DC=XXX,DC=XXX

sAMAccountName: the_user_id_i_need_to_authenticate_against

memberOf: CN=SomeName,OU=Groups,DC=XXX,DC=XXX

Please let me know if you need any more information. Any help would be greatly appreciated. Thanks!
Peter Johnson
author
Bartender

Joined: May 14, 2008
Posts: 5836
    
    7

Deja vu: http://community.jboss.org/thread/157274


JBoss In Action
Asif Rahman
Greenhorn

Joined: Oct 01, 2010
Posts: 3
Peter Johnson wrote:Deja vu: http://community.jboss.org/thread/157274

Indeed.

In my defense though, I did post this here before I had your response over at the JBOSS community forum.
 
GeeCON Prague 2014
 
subject: LdapLoginModule - almost working