| Author |
LDAP Integration with JBoss
|
Fady Matar
Greenhorn
Joined: Aug 13, 2003
Posts: 12
|
|
Hey all, I am trying to integrate Domino LDAP with JBoss, and here are the steps I have followed.

My LDAP schema is the following:

version: 1

dn: O=OJ
objectclass: organization
objectclass: top
o: OJ

dn: CN=Directory Manager,O=OJ
objectclass: organizationalRole
objectclass: top
objectclass: labeledURIObject
cn: DirectoryManager
cn: Directory Manager
roleoccupant: UID=fady,OU=People,O=OJ

dn: OU=Groups,O=OJ
objectclass: organizationalUnit
objectclass: top
ou: Groups

dn: CN=Administrators,OU=Groups,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Users
cn: Administrators
uniquemember: UID=fady,OU=People,O=OJ

dn: CN=Users,OU=Groups,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Users
uniquemember: UID=fady,OU=People,O=OJ
uniquemember: UID=harvey,OU=People,O=OJ

dn: OU=People,O=OJ
objectclass: organizationalUnit
objectclass: top
ou: People

dn: UID=fady,OU=People,O=OJ
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: fady
labeleduri: mailto:fady@OJ.net Directory Manager
mail: fady@OJ.net
sn: fady
uid: fady
userpassword:: KDU5QUZCNEZDRTBDMzIzOTA4MDFGMjVCNEQ5M0IxRkZFKQ==

dn: UID=grefenp,OU=People,O=OJ
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: grefenp
mail: grefenp@OJ.net
sn: grefenp
uid: grefenp
userpassword:: KDU5QUZCNEZDRTBDMzIzOTA4MDFGMjVCNEQ5M0IxRkZFKQ==

dn: OU=Roles,O=OJ
objectclass: organizationalUnit
objectclass: top
ou: Roles

dn: CN=Admin_Members,OU=Roles,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Admin_Members
uniquemember: CN=Administrators,OU=Groups,O=OJ

dn: CN=Members,OU=Roles,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Members
uniquemember: CN=Users,OU=Groups,O=OJ

I updated the login-config.xml and added to it the following:

<application-policy name="ldapdomain">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory </module-option>
      <module-option name="java.naming.provider.url">ldap://shakfuserver:389/ </module-option>
      <module-option name="java.naming.security.authentication">simple </module-option>
      <module-option name="principalDNPrefix">uid=</module-option>
      <module-option name="principalDNSuffix">,ou=People,o=OpenJ2EE </module-option>
      <module-option name="uidAttributeID">uid </module-option>
      <module-option name="roleAttributeID">cn </module-option>
      <module-option name="roleNameAttributeId">cn </module-option>
      <module-option name="roleAttributeIsDN">false </module-option>
      <module-option name="matchOnUserDN">false </module-option>
      <module-option name="rolesCtxDN">ou=Groups,o=OpenJ2EE </module-option>
      <module-option name="unauthenticatedIdentity">nobody </module-option>
    </login-module>
  </authentication>
</application-policy>

My problem is that I'm unable to authenticate any user. I'm always redirected to the login error page.

Any help is highly appreciated.

Best Regards,
Fady
|
Reasonable men adapt themselves to the world.
Unreasonable men adapt the world to themselves.
That's why all progress depends on unreasonable men.
|
 |
norman richards
Author
Ranch Hand
Joined: Jul 21, 2003
Posts: 364
|
|
|
One problem might be that your JBoss config refers to o=Open J2EE but the LDIF data you have refers to o=OJ.
|
[blog: http://members.capmac.org/~orb/blog.cgi] [JBoss: A Developer's Notebook: http://www.amazon.com/exec/obidos/ASIN/0596100078/orb-20] [XDoclet in Action: http://www.amazon.com/exec/obidos/ASIN/1932394052/orb-20]
|
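The base-DN mismatch pointed out in the reply above can be checked mechanically before deployment. The following is an added example, not code from the thread or from JBoss: `norm_dn`, `ldif_dns` and `check_policy` are hypothetical helper names, and the sample data is a trimmed, constructed copy of the LDIF and module options posted above. It assumes DNs without escaped commas and trims whitespace from option values before comparing.

```python
import xml.etree.ElementTree as ET

# Constructed sample data: trimmed copies of the LDIF and module options in the thread.
SAMPLE_LDIF = """\
dn: O=OJ

dn: OU=Groups,O=OJ

dn: OU=People,O=OJ

dn: UID=fady,OU=People,O=OJ
objectclass: inetOrgPerson
uid: fady
"""

SAMPLE_POLICY = """\
<application-policy name="ldapdomain"><authentication>
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
<module-option name="principalDNPrefix">uid=</module-option>
<module-option name="principalDNSuffix">,ou=People,o=OpenJ2EE </module-option>
<module-option name="rolesCtxDN">ou=Groups,o=OpenJ2EE </module-option>
</login-module></authentication></application-policy>
"""

def norm_dn(dn):
    """Case-fold a DN and drop whitespace around RDNs (assumes no escaped commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def ldif_dns(ldif_text):
    """Return the set of normalized entry DNs in a plain-text (non-base64) LDIF export."""
    return {norm_dn(line[3:]) for line in ldif_text.splitlines()
            if line.lower().startswith("dn:")}

def check_policy(policy_xml, ldif_text, username):
    """List the DNs the login module options point at that are absent from the LDIF."""
    opts = {o.get("name"): (o.text or "").strip()  # values trimmed for comparison
            for o in ET.fromstring(policy_xml).iter("module-option")}
    known = ldif_dns(ldif_text)
    bind_dn = opts["principalDNPrefix"] + username + opts["principalDNSuffix"]
    problems = []
    for label, dn in (("bind DN", bind_dn), ("rolesCtxDN", opts["rolesCtxDN"])):
        if norm_dn(dn) not in known:
            problems.append(f"{label} {dn!r} not found in directory export")
    return problems

if __name__ == "__main__":
    for problem in check_policy(SAMPLE_POLICY, SAMPLE_LDIF, "fady"):
        print(problem)
```

With the options as posted, both the constructed bind DN and `rolesCtxDN` are reported; replacing `o=OpenJ2EE` with `o=OJ` clears both findings for a user that exists in the export.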
 |
Fady Matar
Greenhorn
Joined: Aug 13, 2003
Posts: 12
|
|
Thanks for pointing this out, but this is not the problem since it's just a typo. Any other suggestions?
|