3 Replies Latest reply on Mar 28, 2006 12:55 PM by starksm64

Help with jboss and LDAP , java code

frenchi22 Mar 27, 2006 2:15 AM

Hi Friends, I have developed an application and now need to authenticate using LDAP, my application does not use ejb it is a struts project. I will be accepting an user name and password, i need to authendicate the same. Below are the code that i have added to the

web.xml

<security-constraint>
 <web-resource-collection>
 <web-resource-name>Transport</web-resource-name>
 <description>Require users to authenticate</description>
 <url-pattern>*.jsp</url-pattern>
 <http-method>POST</http-method>
 <http-method>GET</http-method>
 </web-resource-collection>
 <auth-constraint>
 <description>Only allow Authenticated_users role</description>
 <role-name>Authenticated_users</role-name>
 </auth-constraint>
 <user-data-constraint>
 <description>Encryption is not required for the application in general.
 </description>
 <transport-guarantee>NONE</transport-guarantee>
 </user-data-constraint>
 </security-constraint>
 <login-config>
 <auth-method>FORM</auth-method>
 <form-login-config>
 <form-login-page>/pages/login/login1.jsp</form-login-page>
 <form-error-page>/pages/login/login_error.jsp</form-error-page>
 </form-login-config>
 </login-config>

the code that i have included into the

login1.jsp

<form action="j_security_check" method="post">
 Username: <input type="text" name="j_username" ></input>
 Password: <input type="password" name="j_password" ></input>
 <input type="submit" value="Submit" />
</form>

the code for

jboss-web.xml

<security-domain>java:/jaas/transport_web_client_security</security-domain>

The code that i included in

login-config.xml

<application-policy name="transport_web_client_security">
 <authentication>
 <login-module code="org.jboss.security.ClientLoginModule" flag="required"/>
 <login-module code="com.acctp.loginmodule.GenericJbossLoginModule" flag="required"/>
 </authentication>
 </application-policy>

These are the changes that i have done but i am not sure what has to go into the

com.acctp.loginmodule.GenericJbossLoginModule

file could anyone help me with this. I would be very much thankful to you.

thanking you in advance,
Sundeep

1. Re: Help with jboss and LDAP , java code

j2ee_junkie Mar 27, 2006 8:36 AM (in response to frenchi22)

Sundeep,

Assuming you are using Tomcat 5.5 embeded in JBoss >= 4.0.2...

If you are not using EJB's at all, you could consider not using the JBossSecurityMgrRealm for the web app context described. Use Tomcat's LDAPRealm instead. See Tomcat docs http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html for more details.

However, I recommend reading chapter 8 of jboss server guide http://docs.jboss.org/jbossas/jboss4guide/r3/html/ch8.chapter.html to get details about using jboss' LDAP login module.

hope this helps, cgriffith
Actions
2. Re: Help with jboss and LDAP , java code

frenchi22 Mar 27, 2006 10:47 PM (in response to frenchi22)

Thank you cgriffith for the solution. I still have not got the whole solution but thank you for the tip.
Actions
3. Re: Help with jboss and LDAP , java code

starksm64 Mar 28, 2006 12:55 PM (in response to frenchi22)

My question would be why don't the existing login modules work:
http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapLoginModule
http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapExtLoginModule
Actions

Go to original post