Need help with DynamicLoginConfig
bbernie May 3, 2007 1:41 PMHi.
I am trying to configure a very simple LDAP security domain for testing purposes.
This is my login-conig.xml file:
<?xml version='1.0'?> <!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN" "http://www.jboss.org/j2ee/dtd/security_config.dtd"> <policy> <application-policy name="ldapTest"> <authentication> <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial"> com.sun.jndi.ldap.LdapCtxFactory </module-option> <module-option name="java.naming.provider.url"> ldap://ldapserver:389/ </module-option> <module-option name="java.naming.security.authentication"> simple </module-option> <module-option name="principalDNPrefix">uid=</module-option> <module-option name="principalDNSuffix"> ,ou=People,dc=domain,dc=net </module-option> <module-option name="rolesCtxDN"> ou=NetGroup,dc=domain,dc=net </module-option> <module-option name="uidAttributeID">uniqueMember</module-option> <module-option name="matchOnUserDN">true</module-option> <module-option name="roleAttributeID">cn</module-option> <module-option name="roleAttributeIsDN">false </module-option> </login-module> </authentication> </application-policy> </policy>
I have tried placing this file in META-INF, but jboss only finds the security domain when it is defined in the global login-config.xml file.
I know that the answer to the problem is to configure DynamicLoginConfig to look for my login-config.xml file. The problem is that I can not DynamicLoginConfig working properly.
I created a jboss-service.xml file in META-INF with the following contents:
<server> <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" name="jboss:service=DynamicLoginConfig"> <attribute name="AuthConfig">META-INF/login-config.xml</attribute> <depends optional-attribute-name="LoginConfigService"> jboss.security:service=XMLLoginConfig </depends> <depends optional-attribute-name="SecurityManagerService"> jboss.security:service=JaasSecurityManager </depends> </mbean> </server>
However, Jboss still will not load the login-config.xml file as expected.
I then continued my search on this issue, and discovered that I needed a jboss-app.xml file to load the jboss-service.xml I created. I created one like so:
<?xml version="1.0" encoding="UTF-8"?> <jboss-app> <module> <service>META-INF/jboss-service.xml</service> </module> </jboss-app>
I have tried deploying this package with jboss-app.xml file in both META-INF and in the root of the package, and either way, I can not get Jboss to load the package specific login-config.xml file.
Am I missing anything else?
Any assistance will be greatly appreciated.
Thank you in advance for any help you can offer.