• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

LDAP Integration with JBoss

 
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hey al I am trying to integrate Domino LDAP with JBoss, and here are the steps I have followed.
My LDAP schema is the following:
version: 1
dn: O=OJ
objectclass: organization
objectclass: top
o: OJ
dn: CN=Directory Manager,O=OJ
objectclass: organizationalRole
objectclass: top
objectclass: labeledURIObject
cn: DirectoryManager
cn: Directory Manager
roleoccupant: UID=fady,OU=People,O=OJ
dn: OU=Groups,O=OJ
objectclass: organizationalUnit
objectclass: top
ou: Groups
dn: CN=Administrators,OU=Groups,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Users
cn: Administrators
uniquemember: UID=fady,OU=People,O=OJ
dn: CN=Users,OU=Groups,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Users
uniquemember: UID=fady,OU=People,O=OJ
uniquemember: UID=harvey,OU=People,O=OJ
dn: OU=People,O=OJ
objectclass: organizationalUnit
objectclass: top
ou: People
dn: UID=fady,OU=People,O=OJ
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: fady
labeleduri: mailto:fady@OJ.net Directory Manager
mail: fady@OJ.net
sn: fady
uid: fady
userpassword:: KDU5QUZCNEZDRTBDMzIzOTA4MDFGMjVCNEQ5M0IxRkZFKQ==
dn: UID=grefenp,OU=People,O=OJ
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: top
cn: grefenp
mail: grefenp@OJ.net
sn: grefenp
uid: grefenp
userpassword:: KDU5QUZCNEZDRTBDMzIzOTA4MDFGMjVCNEQ5M0IxRkZFKQ==
dn: OU=Roles,O=OJ
objectclass: organizationalUnit
objectclass: top
ou: Roles
dn: CN=Admin_Members,OU=Roles,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Admin_Members
uniquemember: CN=Administrators,OU=Groups,O=OJ
dn: CN=Members,OU=Roles,O=OJ
objectclass: groupOfUniqueNames
objectclass: top
cn: Members
uniquemember: CN=Users,OU=Groups,O=OJ
I updated the login-config.xml and added to it the following:
<application-policy name="ldapdomain">
<authentication>
<login-module
code="org.jboss.security.auth.spi.LdapLoginModule"
flag= "required">

<module-option
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory
</module-option>
<module-option
name="java.naming.provider.url">ldap://shakfuserver:389/
</module-option>
<module-option
name="java.naming.security.authentication">simple
</module-option>
<module-option
name="principalDNPrefix">uid=</module-option>
<module-option name="principalDNSuffix">,ou=People,o=OpenJ2EE
</module-option>
<module-option
name="uidAttributeID">uid
</module-option>
<module-option
name="roleAttributeID">cn
</module-option>
<module-option
name="roleNameAttributeId">cn
</module-option>
<module-option
name="roleAttributeIsDN">false
</module-option>
<module-option
name="matchOnUserDN">false
</module-option>
<module-option
name="rolesCtxDN">ou=Groups,o=OpenJ2EE
</module-option>
<module-option
name="unauthenticatedIdentity">nobody
</module-option>
</login-module>
</authentication>
</application-policy>
My problem is that I'm unable to authenticate any user. I'm always redirected to the login error page.
Any help is highly appreciated
Best Regards,
Fady
 
Author
Posts: 367
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
One problem might be that your JBoss config refers to o=Open J2EE but the LDIF data you have refers to o=OJ.
 
Fady Matar
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for pointing out to this but this is not the problem since it's just a typo mistake.
Any other suggestions?
 
I'm so happy! And I wish to make this tiny ad happy too:
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic