Using ADAM (Active Directory Application Mode) & LdapExtLogi
senthilid14 May 16, 2006 2:03 AM
Hi,
I am using ADAM (a mini version of Active Directory), and I want to use either LdapLoginModule or LdapExtLoginModule. I am unable to log on to my application. It repeatedly asks for the username and password.
I wrote a standalone program to connect to ADAM, and I am able to fetch entries. Here are the properties used to connect:
Hashtable hs=new Hashtable();
hs.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
hs.put(Context.PROVIDER_URL,"ldap://localhost:389/OU=security,DC=ties,DC=teradata,DC=ncr,DC=com");
hs.put(Context.SECURITY_AUTHENTICATION,"simple");
hs.put(Context.SECURITY_PRINCIPAL,"CN=admin1,OU=security,DC=ties,DC=teradata,DC=ncr,DC=com");
hs.put(Context.SECURITY_CREDENTIALS,"admin1");
Under the OU=security context, I created groups and users as below:
CN=admin,OU=security,DC=ties,DC=teradata,DC=ncr,DC=com
CN=developer,OU=security,DC=ties,DC=teradata,DC=ncr,DC=com
CN=user,OU=security,DC=ties,DC=teradata,DC=ncr,DC=com
CN=admin1,OU=security,DC=ties,DC=teradata,DC=ncr,DC=com
CN=developer1,OU=security,DC=ties,DC=teradata,DC=ncr,DC=com
CN=user1,OU=security,DC=ties,DC=teradata,DC=ncr,DC=com
Here is the login module config:
<application-policy name="myrealm">
  <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
    <module-option name="java.naming.provider.url">ldap://localhost:389</module-option>
    <module-option name="bindDN">CN=admin1,OU=security,DC=ties,DC=teradata,DC=ncr,DC=com</module-option>
    <module-option name="bindCredential">admin1</module-option>
    <module-option name="baseCtxDN">OU=security,DC=ties,DC=teradata,DC=ncr,DC=com</module-option>
    <module-option name="baseFilter">(cn={0})</module-option>
    <module-option name="rolesCtxDN">OU=security,DC=ties,DC=teradata,DC=ncr,DC=com</module-option>
    <module-option name="roleFilter">(member={0})</module-option>
    <module-option name="roleAttributeID">memberOf</module-option>
    <module-option name="roleAttributeIsDN">true</module-option>
    <module-option name="roleNameAttributeID">name</module-option>
    <module-option name="roleRecursion">-1</module-option>
    <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
  </login-module>
</application-policy>
Where did I go wrong? Please help.