0 Replies Latest reply on May 18, 2008 10:39 AM by philiparad

    Configuration of Apacheds V1.0 with JBoss 4.2.2

    philiparad May 18, 2008 10:39 AM

      Hi

      I have tried to configure Apacheds to work with JBoss.
      First I have created my ldif file as follow:
      -----------------------------------------------------------------
      dn: ou=nowusers,o=nowserver
      objectclass: organizationalUnit
      objectclass: top
      description: Contains entries which describe NOW users
      userpassword: secret
      ou: users

      dn: cn=nowdemo,ou=nowusers,o=nowserver
      objectclass: person
      objectclass: organizationalPerson
      objectclass: inetOrgPerson
      objectclass: top
      cn: nowdemo
      description: nowdemo
      givenname: nowdemo
      sn: nowdemo
      uid: nowdemo
      userpassword: secret
      -----------------------------------------------------------------
      Then I have configure the login-config.xml:
      -----------------------------------------------------------------

      <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
      <module-option name="java.naming.provider.url">ldap://localhost:389/o=nowserver</module-option>
      <module-option name="java.naming.security.authentication">simple</module-option>
      <module-option name="bindDN">cn=nowdemo,ou=nowusers,o=nowserver</module-option>
      <module-option name="bindCredential">secret</module-option>
      <module-option name="baseCtxDN">ou=nowusers</module-option>
      <module-option name="baseFilter">(cn={0})</module-option>
      <module-option name="rolesCtxDN">ou=nowusers</module-option>
      <module-option name="roleFilter">(cn={0})</module-option>
      <module-option name="roleAttributeID">memberOf</module-option>
      <module-option name="roleNameAttributeID">cn</module-option>
      <module-option name="roleAttributeIsDN">true</module-option>
      <module-option name="defaultRole">Everyone</module-option>
      <module-option name="roleRecursion">-1</module-option>
      <module-option name="allowEmptyPasswords">false</module-option>
      <module-option name="unauthenticatedIdentity">system</module-option>
      </login-module>

      </application-policy>
      -----------------------------------------------------------------

      This is the error I get (I have put some printing in the original code):
      -----------------------------------------------------------------
      createLdapInitContext: 1
      createLdapInitContext: bindDN: cn=nowdemo,ou=nowusers,o=nowserver
      createLdapInitContext: bindCredential: secret
      createLdapInitContext: securityDomain: null
      createLdapInitContext: bindCredential: secret
      createLdapInitContext: baseDN: ou=nowusers
      createLdapInitContext: baseFilter: (cn={0})
      createLdapInitContext: roleFilter: (cn={0})
      createLdapInitContext: roleAttributeID: memberOf
      PP1
      constructInitialLdapContext: 1
      constructInitialLdapContext: factoryName: null
      constructInitialLdapContext: authType: simple
      constructInitialLdapContext: protocol: null
      constructInitialLdapContext: providerURL: ldap://localhost:389/o=nowserver
      constructInitialLdapContext: dn: cn=nowdemo,ou=nowusers,o=nowserver
      constructInitialLdapContext: credential: secret
      bindDNAuthentication: user: nowdemo
      bindDNAuthentication: credential: secret
      bindDNAuthentication: baseDN: ou=nowusers
      bindDNAuthentication: filter: (cn={0})
      bindDNAuthentication: name: cn=nowdemo
      bindDNAuthentication: userDN: cn=nowdemo,ou=nowusers
      PP2
      constructInitialLdapContext: 1
      constructInitialLdapContext: factoryName: null
      constructInitialLdapContext: authType: simple
      constructInitialLdapContext: protocol: null
      constructInitialLdapContext: providerURL: ldap://localhost:389/o=nowserver
      constructInitialLdapContext: dn: cn=nowdemo,ou=nowusers
      constructInitialLdapContext: credential: secret
      17:32:49,223 DEBUG [LdapExtLoginModule] Bad password for username=nowdemo
      javax.naming.AuthenticationException: [LDAP: error code 49 - Bind failed: null]
      at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3005)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2753)
      at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2667)
      at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:287)
      at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
      at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
      at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
      at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
      at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
      at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
      at javax.naming.InitialContext.init(InitialContext.java:223)
      at javax.naming.ldap.InitialLdapContext.(InitialLdapContext.java:134)
      at org.jboss.security.auth.spi.LdapExtLoginModule.constructInitialLdapContext(LdapExtLoginModule.java:568)
      at org.jboss.security.auth.spi.LdapExtLoginModule.bindDNAuthentication(LdapExtLoginModule.java:418)
      at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:353)
      at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:232)
      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:210)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
      at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
      at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
      at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
      at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:257)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
      at java.lang.Thread.run(Thread.java:619)
      -----------------------------------------------------------------
      As you can see, it succeed to connect for the first time to the ldap server with the String "dn: cn=nowdemo,ou=nowusers,o=nowserver"
      But the it try to connect again with the string "dn: cn=nowdemo,ou=nowusers" and fails

      Can someone help me about this matter?
      Is my configuration is correct?

      Regards
      Philip

      • 974 Views
      • Tags: