File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes JBoss/WildFly and the fly likes LdapLoginModule - almost working Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "LdapLoginModule - almost working" Watch "LdapLoginModule - almost working" New topic

LdapLoginModule - almost working

Asif Rahman

Joined: Oct 01, 2010
Posts: 3

I have been playing around with the LdapLoginModule and trying to secure my web app by authenticating users against LDAP. I was able to do it against a local LDAP server that I had set up, with the following configurations in my login-config.xml file within my JBOSS server:

However, the problem arises when I try to configure this against an external ldap server with a slightly different directory structure. Here are my configurations for that:

There is no uid attribute for users in this server and I need to authenticate by sAMAccountName. I'm thinking I'm misreading the LdapLoginModule specs on the JBOSS community and am very close to making this work - just not sure exactly where my mistake is, probably because I've been looking at this for too long and need a second pair of eyes.

Here's what the user I'm trying to test with looks like in my LDAP directory:

distinguishedName: CN=Fname Sname,OU=Admin Users,OU=HQ,OU=Administration,DC=XXX,DC=XXX

sAMAccountName: the_user_id_i_need_to_authenticate_against

memberOf: CN=SomeName,OU=Groups,DC=XXX,DC=XXX

Please let me know if you need any more information. Any help would be greatly appreciated. Thanks!
Peter Johnson

Joined: May 14, 2008
Posts: 5852

Deja vu:

JBoss In Action
Asif Rahman

Joined: Oct 01, 2010
Posts: 3
Peter Johnson wrote:Deja vu:


In my defense though, I did post this here before I had your response over at the JBOSS community forum.
I agree. Here's the link:
subject: LdapLoginModule - almost working
It's not a secret anymore!