Hi All,

I am using LdapExtLoginModule for authentication.
I have configured the login-module in the following way:

 <application-policy name="JAAS_LDAP">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
 <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
 <module-option name="java.naming.provider.url">ldap://companyserver:389</module-option>
 <module-option name="java.naming.security.authentication">simple</module-option>
 <module-option name="bindDN">cn=user,ou=xxx,dc=company,dc=com</module-option>
 <module-option name="bindCredential">password</module-option>
 <module-option name="baseCtxDN">ou=xxx,dc=company,dc=com</module-option>
 <module-option name="baseFilter">(cn={0})</module-option>
 <module-option name="rolesCtxDN">ou=xxx,dc=company,dc=com</module-option>
 <module-option name="roleFilter">(cn={0})</module-option>
 <module-option name="roleAttributeID">memberOf</module-option>
 <module-option name="roleRecursion">-1</module-option>
 <module-option name="roleNameAttributeID">cn</module-option>
 <module-option name="roleAttributeIsDN">true</module-option>
 <module-option name="searchTimeLimit">5000</module-option>
 <module-option name="searchScope">SUBTREE_SCOPE</module-option>
 <module-option name="allowEmptyPasswords">false</module-option>
 </login-module>
 </authentication>
 </application-policy>

I am getting this exception:

ERROR [STDERR] Caused by: javax.naming.AuthenticationException: [LD
AP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityCon
text error, data 525, vece ]

I am not sure where the configuration is incorrect.

I created a simple InitialDirContext through which tried to authenticate against LDAP server which works fine.
The Context.SECURITY_PRINCIPAL I used was in this format:

CN=Jim Wood,OU=xxx,DC=company,DC=com

Can you please suggest me where the configuration is wrong?

Thanks