Hi All,
I am using LdapExtLoginModule for authentication.
I have configured the login-module in the following way:
<application-policy name="JAAS_LDAP">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
      <module-option name="java.naming.provider.url">ldap://companyserver:389</module-option>
      <module-option name="java.naming.security.authentication">simple</module-option>
      <module-option name="bindDN">cn=user,ou=xxx,dc=company,dc=com</module-option>
      <module-option name="bindCredential">password</module-option>
      <module-option name="baseCtxDN">ou=xxx,dc=company,dc=com</module-option>
      <module-option name="baseFilter">(cn={0})</module-option>
      <module-option name="rolesCtxDN">ou=xxx,dc=company,dc=com</module-option>
      <module-option name="roleFilter">(cn={0})</module-option>
      <module-option name="roleAttributeID">memberOf</module-option>
      <module-option name="roleRecursion">-1</module-option>
      <module-option name="roleNameAttributeID">cn</module-option>
      <module-option name="roleAttributeIsDN">true</module-option>
      <module-option name="searchTimeLimit">5000</module-option>
      <module-option name="searchScope">SUBTREE_SCOPE</module-option>
      <module-option name="allowEmptyPasswords">false</module-option>
    </login-module>
  </authentication>
</application-policy>
ERROR [STDERR] Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece ]
CN=Jim Wood,OU=xxx,DC=company,DC=com
I solved it!
It needs the admin user name in bindDN.
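
An added example, not part of the original posts: a small triage helper that pulls the result code, DSID and `data` sub-code out of an Active Directory bind failure like the one above, even when the console has wrapped the line. The sub-code table lists Active Directory's documented values for the `data` field (525 is "user not found"); the function names and the second sample line are constructed for illustration.

```python
import re
from collections import Counter

# Active Directory sub-codes carried in the "data" field of LDAP result 49.
AD_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

# Matched after all whitespace is removed, so console wrapping
# ("LD AP", "AcceptSecurityCon text") does not break the parse.
_PATTERN = re.compile(
    r"LDAP:errorcode(\d+)-([0-9A-Fa-f]{8}):LdapErr:(DSID-[0-9A-Fa-f]+),"
    r"comment:.*?,data([0-9A-Fa-f]+),"
)

def parse_bind_failure(line):
    """Return a dict describing an AD bind failure, or None if the line has none."""
    m = _PATTERN.search(re.sub(r"\s+", "", line))
    if m is None:
        return None
    result, _hresult, dsid, data = m.groups()
    sub = data.lower()
    return {"result_code": int(result), "dsid": dsid, "data": sub,
            "meaning": AD_SUBCODES.get(sub, "unknown sub-code")}

def summarize(lines):
    """Count bind failures per sub-code across a log excerpt."""
    hits = filter(None, map(parse_bind_failure, lines))
    return Counter(h["data"] for h in hits)

# Constructed sample: the wrapped error from the post, a made-up 52e variant, a non-matching line.
SAMPLE = [
    "ERROR [STDERR] Caused by: javax.naming.AuthenticationException: [LD AP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityCon text error, data 525, vece ]",
    "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece]",
    "INFO  [Server] JBoss started",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(parse_bind_failure(line))
    print(dict(summarize(SAMPLE)))
```

Counting sub-codes over a log window separates configuration faults such as a wrong bind account (525) from wrong passwords (52e) and lockouts (775).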