-
1. Re: LDAP and JBoss
tool Mar 5, 2008 8:51 AM (in response to rukh)Just a thought, but what does your login-config.xml file look like?
If you had two LDAP login-modules defined for your application policy, with the first one flagged as "sufficient", then this behavior you describe would make sense. There would be two failed logins and only one successful one and both failed logins would result in very similar network traffic.
EG -
2. Re: LDAP and JBoss
rukh Mar 7, 2008 2:02 AM (in response to rukh)thanks for the reply :)
my login-config.xml looks like this (excluding the standard policies that were there when I set up the server)
<application-policy name="authPolicy">
<authentication>
<login-module code="com.caern.authentication.SecurityLoginModule" flag="required">
<module-option name="userRolesDbSql">
SELECT name FROM caern_role, caern_user WHERE caern_user.id=?
</module-option>
<module-option name="userRolesDataSource">java:/CaernDS</module-option>
</login-module>
</authentication>
</application-policy>
I dont use the sufficient flag anywhere so I guess it is not the point :(
com.caern.authentication.SecurityLoginModule is a decompiled version of LdapLoginModule with some enhanements that were nescessary. -
3. Re: LDAP and JBoss
rukh Mar 7, 2008 3:00 AM (in response to rukh)Sorry for the post under a post, but editing is not permitted here..
I've created a simple application that uses a single class with main method and created there an LdapContext and unfortunately on failed login it also pops by 2... guess I have some LDAP server configuration bug, but I cant see there any "bump failed logins by 2 instead of 1" option...